Finally we can test this!
Specifically, we switch the defaults to the privkeys directories,
which affects the existing t-basic-kex test. We introduce two new
tests for testing the old arrangements.
The consequences for the t-basic-kex test are:
* Use the sites file generated with --install-pubkeys, thus
testing the new make-secnet-sites.
* Use peer-keys, so testing secnet's new pubkey loading
mechanisms.
* Use priv-cache, so testing secnet's new privkey loading
mechanisms.
* Test the new public key choice negotation mechanism.
The old tests tests the compatibility of the key choice negotiation
mechanism, as well as the capability to generate
old-style (compatible) sites.conf files.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
}
set extra(outside) {}
-set privkey(inside) test-example/inside.key
-set privkey(outside) test-example/outside.key
+set privkey(inside) test-example/inside.privkeys/
+set privkey(outside) test-example/outside.privkeys/
proc mkconf {location site} {
global tmp
--- /dev/null
+#! /usr/bin/tclsh
+
+source stest/common.tcl
+
+# `non-negotiating' ends:
+set privkey(inside) test-example/inside.key
+# So old, new; ie -on
+
+# There is no -no because the sites file tells a new inside to expect
+# a different key.
+
+test-kex
--- /dev/null
+#! /usr/bin/tclsh
+
+source stest/common.tcl
+
+# `non-negotiating' ends:
+set privkey(inside) test-example/inside.key
+set privkey(outside) test-example/outside.key
+# So old, old; ie -oo
+
+# There is no -no because the sites file tells a new inside to expect
+# a different key.
+
+test-kex