OpenConnect 7.08 release

Mike Miller mtmiller at debian.org
Tue Dec 13 14:58:46 PST 2016 

On Tue, Dec 13, 2016 at 22:50:55 +0000, David Woodhouse wrote:
> Why *doesn't* the Debian package honour $SOFTHSM2_CONF though?

Ok, it does, it's actually because the environment variable isn't being
passed to ocserv (and probably because the permissions on /etc/softhsm2
are wrong in Debian). The following fully fixes this for me


>From e26a4e19f528439fe7f02890d5bfe695365c3e9b Mon Sep 17 00:00:00 2001
From: Mike Miller <mtmiller at debian.org>
Date: Tue, 13 Dec 2016 14:51:28 -0800
Subject: [PATCH] Ensure full test suite uses local softhsm2.conf

Add SOFTHSM2_CONF to the test environment so it is picked up by both
ocserv and openconnect when needed.

Signed-off-by: Mike Miller <mtmiller at debian.org>
---
 tests/auth-pkcs11 | 2 +-
 tests/common.sh   | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/tests/auth-pkcs11 b/tests/auth-pkcs11
index adc40f5..ee6dc5a 100755
--- a/tests/auth-pkcs11
+++ b/tests/auth-pkcs11
@@ -36,7 +36,7 @@ for TOKEN in ${pkcs11_tokens}; do
     for KEY in ${pkcs11_keys}; do
 	echo -n "Connecting to obtain cookie (token ${TOKEN} key ${KEY})... "
 	CERTURI="pkcs11:token=${TOKEN};${KEY};pin-value=1234"
-	( echo "test" | HOME=${srcdir} SOFTHSM2_CONF=softhsm2.conf LD_PRELOAD=libsocket_wrapper.so \
+	( echo "test" | HOME=${srcdir} LD_PRELOAD=libsocket_wrapper.so \
 			    $OPENCONNECT -q $ADDRESS:443 -u test -c \"${CERTURI}\" --key-password 1234 --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly --passwd-on-stdin ) ||
 	    fail $PID "Could not connect with token ${TOKEN} key ${KEY##*/}!"
     done
diff --git a/tests/common.sh b/tests/common.sh
index d89cf83..c88954c 100644
--- a/tests/common.sh
+++ b/tests/common.sh
@@ -30,6 +30,7 @@ SOCKDIR="./sockwrap.$$.tmp"
 mkdir -p $SOCKDIR
 export SOCKET_WRAPPER_DIR=$SOCKDIR
 export SOCKET_WRAPPER_DEFAULT_IFACE=2
+export SOFTHSM2_CONF=softhsm2.conf
 ADDRESS=127.0.0.$SOCKET_WRAPPER_DEFAULT_IFACE
 OPENCONNECT="eval LD_PRELOAD=libsocket_wrapper.so ${top_builddir}/openconnect"
 
-- 
2.10.2

-- 
mike

More information about the openconnect-devel mailing list