From 87f906c6a701b7e0938e31fde1464cdc07f33208 Mon Sep 17 00:00:00 2001
From: Thomas Preud'homme <robotux@celest.fr>
Date: Fri, 12 Sep 2014 22:04:58 +0800
Subject: [PATCH] [ssl_mgmt] Ensure version 3 certificate are used

---
 ssl_mgmt/openssl.cnf.in  | 6 +++---
 ssl_mgmt/tests/4/cmdline | 3 +++
 ssl_mgmt/tests/4/driver  | 2 ++
 ssl_mgmt/tests/4/fini    | 1 +
 ssl_mgmt/tests/4/init    | 1 +
 5 files changed, 10 insertions(+), 3 deletions(-)
 create mode 100644 ssl_mgmt/tests/4/cmdline
 create mode 100755 ssl_mgmt/tests/4/driver
 create mode 120000 ssl_mgmt/tests/4/fini
 create mode 120000 ssl_mgmt/tests/4/init

diff --git a/ssl_mgmt/openssl.cnf.in b/ssl_mgmt/openssl.cnf.in
index 91deca5..ada01a3 100644
--- a/ssl_mgmt/openssl.cnf.in
+++ b/ssl_mgmt/openssl.cnf.in
@@ -22,6 +22,9 @@ nameopt = default_ca
 certopt = default_ca
 policy = policy_match
 copy_extensions = copy
+# We want those extensions only to generate the root certificates, so
+# we specify it on the command line:
+x509_extensions = v3_ca
 
 [ policy_match ]
 countryName = match
@@ -43,9 +46,6 @@ string_mask = nombstr
 prompt = no
 distinguished_name = req_distinguished_name
 req_extensions = v3_req
-# We want those extensions only to generate the root certificates, so
-# we specify it on the command line:
-x509_extensions = v3_ca
 
 [ req_distinguished_name ]
 organizationName = @ORG@
diff --git a/ssl_mgmt/tests/4/cmdline b/ssl_mgmt/tests/4/cmdline
new file mode 100644
index 0000000..0c75ffb
--- /dev/null
+++ b/ssl_mgmt/tests/4/cmdline
@@ -0,0 +1,3 @@
+keyId= cnfFilePath=./ssl_mgmt.conf ../ssl_mgmt renew foo \
+	&& openssl x509 -in destdir/certs/foo-cert.pem -text -noout \
+	| grep "Version: 3"
diff --git a/ssl_mgmt/tests/4/driver b/ssl_mgmt/tests/4/driver
new file mode 100755
index 0000000..e64bbaa
--- /dev/null
+++ b/ssl_mgmt/tests/4/driver
@@ -0,0 +1,2 @@
+echo
+echo "y"
diff --git a/ssl_mgmt/tests/4/fini b/ssl_mgmt/tests/4/fini
new file mode 120000
index 0000000..f12b28a
--- /dev/null
+++ b/ssl_mgmt/tests/4/fini
@@ -0,0 +1 @@
+../restore_foo_fini
\ No newline at end of file
diff --git a/ssl_mgmt/tests/4/init b/ssl_mgmt/tests/4/init
new file mode 120000
index 0000000..f74317c
--- /dev/null
+++ b/ssl_mgmt/tests/4/init
@@ -0,0 +1 @@
+../save_foo_init
\ No newline at end of file