#29 Use 2048-bit keys in tests to enable tests on modern systems
Merged 9 months ago by jhrozek. Opened 10 months ago by jhrozek.
jhrozek/libuser large_keys  into  master

file modified
+1 -1

@@ -30,7 +30,7 @@ 

  mkdir "$workdir"

  

  # Create a SSL key

- /usr/bin/openssl req -newkey rsa:1024 -keyout "$workdir"/key1 -nodes \

+ /usr/bin/openssl req -newkey rsa:2048 -keyout "$workdir"/key1 -nodes \

      -x509 -days 2 -out "$workdir"/key3 2>/dev/null <<EOF

  .

  .

file modified
+1 -1

@@ -30,7 +30,7 @@ 

  mkdir "$workdir"

  

  # Create a SSL key

- /usr/bin/openssl req -newkey rsa:1024 -keyout "$workdir"/key1 -nodes \

+ /usr/bin/openssl req -newkey rsa:2048 -keyout "$workdir"/key1 -nodes \

      -x509 -days 2 -out "$workdir"/key3 2>/dev/null <<EOF

  .

  .

The crypto policies on some modern distributions don't allow 1024-bit
keys. Without this change the LDAP tests won't work on these systems;
OpenLDAP wouldn't start at all with messages like:
slapd[32441]: main: TLS init def ctx failed: -1
slapd[32441]: @(#) $OpenLDAP: slapd 2.4.46 (May 11 2018 17:12:39) $

rebased onto 4425049

9 months ago

Commit 1a75514 fixes this pull-request

Pull-Request has been merged by jhrozek

9 months ago

Pull-Request has been merged by jhrozek

9 months ago
Metadata