Reorg ssl tests certs

bin/test/test_prerequisites.ps1

@@ -19,17 +19,17 @@ if ($LASTEXITCODE) { Throw }
 sleep 5
 if (netstat -ano | Select-String LISTENING | Select-string 127.0.0.1:8000) {write-host -foregroundcolor Green "server is up"} else {write-host -foregroundcolor Red "server is down" ; cat build\server.log ; exit 1}
 
-python tests_ssl/ssl_server.py 8001 tests_ssl/server/cert.selfsigned.pem false 2>&1 > build\server-ssl-selfsigned.log &
+python tests_ssl/ssl_server.py 8001 tests_ssl/certs/server/cert.selfsigned.pem false 2>&1 > build\server-ssl-selfsigned.log &
 if ($LASTEXITCODE) { Throw }
 sleep 5
 if (netstat -ano | Select-String LISTENING | Select-string 127.0.0.1:8001) {write-host -foregroundcolor Green "server-ssl-selfsigned up"} else {write-host -foregroundcolor Red "server-ssl-selfsigned is down" ; cat build\server-ssl-selfsigned.log ; exit 1}
 
-python tests_ssl/ssl_server.py 8002 tests_ssl/server/cert.pem false 2>&1 > build\server-ssl-signedbyca.log &
+python tests_ssl/ssl_server.py 8002 tests_ssl/certs/server/cert.pem false 2>&1 > build\server-ssl-signedbyca.log &
 if ($LASTEXITCODE) { Throw }
 sleep 5
 if (netstat -ano | Select-String LISTENING | Select-string 127.0.0.1:8002) {write-host -foregroundcolor Green "server-ssl-signedbyca up"} else {write-host -foregroundcolor Red "server-ssl-signedbyca is down" ; cat build\server-ssl-signedbyca.log ; exit 1}
 
-python tests_ssl/ssl_server.py 8003 tests_ssl/server/cert.pem true 2>&1 > build\server-ssl-client-authent.log &
+python tests_ssl/ssl_server.py 8003 tests_ssl/certs/server/cert.pem true 2>&1 > build\server-ssl-client-authent.log &
 if ($LASTEXITCODE) { Throw }
 sleep 5
 if (netstat -ano | Select-String LISTENING | Select-string 127.0.0.1:8003) {write-host -foregroundcolor Green "server-ssl-client-authent up"} else {write-host -foregroundcolor Red "server-ssl-client-authent is down" ; cat build\server-ssl-client-authent.log ; exit 1}

bin/test/test_prerequisites.sh

@@ -78,15 +78,15 @@ python3 server.py > build/server.log 2>&1 &
 check_listen_port "server.py" 8000 || cat_and_exit_err build/server.log
 
 echo -e "\n------------------ Starting tests_ssl/ssl_server.py (Self-signed certificate)"
-python3 tests_ssl/ssl_server.py 8001 tests_ssl/server/cert.selfsigned.pem false > build/server-ssl-selfsigned.log 2>&1 &
+python3 tests_ssl/ssl_server.py 8001 tests_ssl/certs/server/cert.selfsigned.pem false > build/server-ssl-selfsigned.log 2>&1 &
 check_listen_port "tests_ssl/ssl_server.py" 8001 || cat_and_exit_err build/server-ssl-selfsigned.log
 
 echo -e "\n------------------ Starting tests_ssl/ssl_server.py (Signed by CA)"
-python3 tests_ssl/ssl_server.py 8002 tests_ssl/server/cert.pem false > build/server-ssl-signedbyca.log 2>&1 &
+python3 tests_ssl/ssl_server.py 8002 tests_ssl/certs/server/cert.pem false > build/server-ssl-signedbyca.log 2>&1 &
 check_listen_port "tests_ssl/ssl_server.py" 8002 || cat_and_exit_err build/server-ssl-signedbyca.log
 
 echo -e "\n------------------ Starting ssl/ssl_server.py (Self-signed certificate + Client certificate authentication)"
-python3 tests_ssl/ssl_server.py 8003 tests_ssl/server/cert.selfsigned.pem true > build/server-ssl-client-authent.log 2>&1 &
+python3 tests_ssl/ssl_server.py 8003 tests_ssl/certs/server/cert.selfsigned.pem true > build/server-ssl-client-authent.log 2>&1 &
 check_listen_port "tests_ssl/ssl_server.py" 8003 || cat_and_exit_err build/server-ssl-client-authent.log
 
 echo -e "\n------------------ Starting tests_unix_socket/unix_socket_server.py"

integration/hurl/tests_ssl/cacert.curl

@@ -1 +1 @@
-curl --cacert tests_ssl/ca/cert.pem 'https://localhost:8002/hello'
+curl --cacert tests_ssl/certs/ca/cert.pem 'https://localhost:8002/hello'

integration/hurl/tests_ssl/cacert.ps1

@@ -1,5 +1,5 @@
 Set-StrictMode -Version latest
 $ErrorActionPreference = 'Stop'
 # Does not work without --ssl-no-revoke
-#hurl --cacert tests_ssl/ca/cert.pem tests_ssl/cacert.hurl
+#hurl --cacert tests_ssl/certs/ca/cert.pem tests_ssl/cacert.hurl
 exit 255

integration/hurl/tests_ssl/cacert.sh

@@ -1,3 +1,3 @@
 #!/bin/bash
 set -Eeuo pipefail
-hurl --cacert tests_ssl/ca/cert.pem tests_ssl/cacert.hurl
+hurl --cacert tests_ssl/certs/ca/cert.pem tests_ssl/cacert.hurl

integration/hurl/tests_ssl/cacert_no_revoke.curl

@@ -1 +1 @@
-curl --cacert tests_ssl/ca/cert.pem 'https://localhost:8002/hello'
+curl --cacert tests_ssl/certs/ca/cert.pem 'https://localhost:8002/hello'

integration/hurl/tests_ssl/cacert_no_revoke.ps1

@@ -1,3 +1,3 @@
 Set-StrictMode -Version latest
 $ErrorActionPreference = 'Stop'
-hurl --cacert tests_ssl/ca/cert.pem --ssl-no-revoke tests_ssl/cacert.hurl
+hurl --cacert tests_ssl/certs/ca/cert.pem --ssl-no-revoke tests_ssl/cacert.hurl

integration/hurl/tests_ssl/cacert_no_revoke.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
 set -Eeuo pipefail
 # --ssl-no-revoke is only available in windows
-#hurl --cacert tests_ssl/ca/cert.pem --ssl-no-revoke tests_ssl/cacert.hurl
+#hurl --cacert tests_ssl/certs/ca/cert.pem --ssl-no-revoke tests_ssl/cacert.hurl
 exit 255

integration/hurl/tests_ssl/cacert_no_revoke_to_json.ps1

@@ -1,3 +1,3 @@
 Set-StrictMode -Version latest
 $ErrorActionPreference = 'Stop'
-hurl --cacert tests_ssl/ca/cert.pem --ssl-no-revoke --json tests_ssl/cacert.hurl
+hurl --cacert tests_ssl/certs/ca/cert.pem --ssl-no-revoke --json tests_ssl/cacert.hurl

integration/hurl/tests_ssl/cacert_no_revoke_to_json.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
 set -Eeuo pipefail
 # --ssl-no-revoke is only available in windows
-#hurl --cacert tests_ssl/ca/cert.pem --ssl-no-revoke --json tests_ssl/cacert.hurl
+#hurl --cacert tests_ssl/certs/ca/cert.pem --ssl-no-revoke --json tests_ssl/cacert.hurl
 exit 255

integration/hurl/tests_ssl/cacert_selfsigned.curl

@@ -1 +1 @@
-curl --cacert tests_ssl/server/cert.selfsigned.pem 'https://localhost:8001/hello'
+curl --cacert tests_ssl/certs/server/cert.selfsigned.pem 'https://localhost:8001/hello'

integration/hurl/tests_ssl/cacert_selfsigned.ps1

@@ -1,3 +1,3 @@
 Set-StrictMode -Version latest
 $ErrorActionPreference = 'Stop'
-hurl tests_ssl/cacert_selfsigned.hurl --cacert tests_ssl/server/cert.selfsigned.pem --verbose
+hurl tests_ssl/cacert_selfsigned.hurl --cacert tests_ssl/certs/server/cert.selfsigned.pem --verbose

integration/hurl/tests_ssl/cacert_selfsigned.sh

@@ -1,3 +1,3 @@
 #!/bin/bash
 set -Eeuo pipefail
-hurl tests_ssl/cacert_selfsigned.hurl --cacert tests_ssl/server/cert.selfsigned.pem --verbose
+hurl tests_ssl/cacert_selfsigned.hurl --cacert tests_ssl/certs/server/cert.selfsigned.pem --verbose

integration/hurl/tests_ssl/cacert_to_json.ps1

@@ -1,5 +1,5 @@
 Set-StrictMode -Version latest
 $ErrorActionPreference = 'Stop'
 # Does not work without --ssl-no-revoke
-#hurl --cacert tests_ssl/ca/cert.pem --json tests_ssl/cacert.hurl
+#hurl --cacert tests_ssl/certs/ca/cert.pem --json tests_ssl/cacert.hurl
 exit 255

integration/hurl/tests_ssl/cacert_to_json.sh

@@ -1,3 +1,3 @@
 #!/bin/bash
 set -Eeuo pipefail
-hurl --cacert tests_ssl/ca/cert.pem --json tests_ssl/cacert.hurl
+hurl --cacert tests_ssl/certs/ca/cert.pem --json tests_ssl/cacert.hurl

integration/hurl/tests_ssl/client_authentication.curl

@@ -1,2 +1,2 @@
-curl --cacert tests_ssl/server/cert.selfsigned.pem --cert tests_ssl/client/cert.pem --key tests_ssl/client/key.pem 'https://localhost:8003/hello'
+curl --cacert tests_ssl/certs/server/cert.selfsigned.pem --cert tests_ssl/certs/client/cert.pem --key tests_ssl/certs/client/key.pem 'https://localhost:8003/hello'
 

integration/hurl/tests_ssl/client_authentication.ps1

@@ -1,7 +1,7 @@
 Set-StrictMode -Version latest
 $ErrorActionPreference = 'Stop'
 try {
-    hurl tests_ssl/client_authentication.hurl --cacert tests_ssl/server/cert.selfsigned.pem --cert tests_ssl/client/cert.pem --key tests_ssl/client/key.pem --verbose
+    hurl tests_ssl/client_authentication.hurl --cacert tests_ssl/certs/server/cert.selfsigned.pem --cert tests_ssl/certs/client/cert.pem --key tests_ssl/certs/client/key.pem --verbose
 } finally {
     $global:LASTEXITCODE = 0
     $ErrorActionPreference = 'Continue'

integration/hurl/tests_ssl/client_authentication.sh

@@ -1,3 +1,3 @@
 #!/bin/bash
 set -Eeuo pipefail
-hurl tests_ssl/client_authentication.hurl --cacert tests_ssl/server/cert.selfsigned.pem --cert tests_ssl/client/cert.pem --key tests_ssl/client/key.pem --verbose
+hurl tests_ssl/client_authentication.hurl --cacert tests_ssl/certs/server/cert.selfsigned.pem --cert tests_ssl/certs/client/cert.pem --key tests_ssl/certs/client/key.pem --verbose

integration/hurl/tests_ssl/client_authentication_password.curl

@@ -1 +1 @@
-curl --cacert tests_ssl/server/cert.selfsigned.pem --cert tests_ssl/client/cert.pem:foobar --key tests_ssl/client/encrypted.key.pem 'https://localhost:8003/hello'
+curl --cacert tests_ssl/certs/server/cert.selfsigned.pem --cert tests_ssl/certs/client/cert.pem:foobar --key tests_ssl/certs/client/encrypted.key.pem 'https://localhost:8003/hello'

integration/hurl/tests_ssl/client_authentication_password.hurl

@@ -1,27 +1,27 @@
 GET https://localhost:8003/hello
 [Options]
-cacert: tests_ssl/server/cert.selfsigned.pem
-cert: tests_ssl/client/cert.pem:foobar
-key: tests_ssl/client/encrypted.key.pem
+cacert: tests_ssl/certs/server/cert.selfsigned.pem
+cert: tests_ssl/certs/client/cert.pem:foobar
+key: tests_ssl/certs/client/encrypted.key.pem
 HTTP 200
 
 # Using variables in filename and password
 GET https://localhost:8003/hello
 [Options]
-variable: filename=tests_ssl/client/cert.pem
+variable: filename=tests_ssl/certs/client/cert.pem
 variable: password=foobar
-cacert: tests_ssl/server/cert.selfsigned.pem
+cacert: tests_ssl/certs/server/cert.selfsigned.pem
 cert: {{filename}}:{{password}}
-key: tests_ssl/client/encrypted.key.pem
+key: tests_ssl/certs/client/encrypted.key.pem
 HTTP 200
 
 # Using variable for combined filename and password
 GET https://localhost:8003/hello
 [Options]
-variable: filename_with_password=tests_ssl/client/cert.pem:foobar
-cacert: tests_ssl/server/cert.selfsigned.pem
+variable: filename_with_password=tests_ssl/certs/client/cert.pem:foobar
+cacert: tests_ssl/certs/server/cert.selfsigned.pem
 cert: {{filename_with_password}}
-key: tests_ssl/client/encrypted.key.pem
+key: tests_ssl/certs/client/encrypted.key.pem
 HTTP 200
 
 

integration/hurl/tests_ssl/error_client_authentication_password.hurl

@@ -1,7 +1,7 @@
 GET https://localhost:8003/hello
 [Options]
-cacert: tests_ssl/server/cert.selfsigned.pem
-cert: tests_ssl/client/cert.pem:toto1234
-key: tests_ssl/client/encrypted.key.pem
+cacert: tests_ssl/certs/server/cert.selfsigned.pem
+cert: tests_ssl/certs/client/cert.pem:toto1234
+key: tests_ssl/certs/client/encrypted.key.pem
 HTTP 200
 

integration/hurl/tests_ssl/options.curl

@@ -1,4 +1,4 @@
 curl --insecure 'https://localhost:8001/hello'
 curl --insecure 'https://localhost:8001/hello'
-curl --cacert tests_ssl/server/cert.selfsigned.pem 'https://localhost:8001/hello'
+curl --cacert tests_ssl/certs/server/cert.selfsigned.pem 'https://localhost:8001/hello'
 

integration/hurl/tests_ssl/options.hurl

@@ -16,6 +16,6 @@ HTTP 200
 
 GET https://localhost:8001/hello
 [Options]
-cacert: tests_ssl/server/cert.selfsigned.pem       # with a custom certificate
+cacert: tests_ssl/certs/server/cert.selfsigned.pem       # with a custom certificate
 HTTP 200
 `Hello World!`

integration/hurl/tests_ssl/ssl_server.py

@@ -22,8 +22,8 @@ def get_ssl_context(cert_file, use_client_certificate_authentication):
     ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
     if use_client_certificate_authentication:
         ssl_context.verify_mode = ssl.CERT_REQUIRED
-    ssl_context.load_verify_locations("tests_ssl/ca/cert.pem")
-    ssl_context.load_cert_chain(cert_file, "tests_ssl/server/key.pem")
+    ssl_context.load_verify_locations("tests_ssl/certs/ca/cert.pem")
+    ssl_context.load_cert_chain(cert_file, "tests_ssl/certs/server/key.pem")
     return ssl_context
 
 

integration/hurl/tests_ssl/utils/generate_keys.sh

@@ -6,18 +6,18 @@ rm -rf ca client server
 mkdir ca client server
 
 # CA
-openssl genrsa -out ca/key.pem 2048
-openssl req -x509 -new -nodes -key ca/key.pem -sha256 -days 1024 -out ca/cert.pem -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=myCA"
+openssl genrsa -out certs/ca/key.pem 2048
+openssl req -x509 -new -nodes -key certs/ca/key.pem -sha256 -days 1024 -out certs/ca/cert.pem -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=myCA"
 
 # Client
-openssl genrsa -out client/key.pem 2048
-openssl req -new -key client/key.pem -sha256 -out client/csr.pem -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=client"
-openssl x509 -req -in client/csr.pem -CA ca/cert.pem -CAkey ca/key.pem -CAcreateserial -out client/cert.pem -days 825 -sha256
-openssl rsa -aes256 -in tests_ssl/client/key.pem -passout pass:foobar -out tests_ssl/client/encrypted.key.pem
+openssl genrsa -out certs/client/key.pem 2048
+openssl req -new -key certs/client/key.pem -sha256 -out certs/client/csr.pem -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=client"
+openssl x509 -req -in certs/client/csr.pem -CA certs/ca/cert.pem -CAkey certs/ca/key.pem -CAcreateserial -out certs/client/cert.pem -days 825 -sha256
+openssl rsa -aes256 -in tests_ssl/certs/client/key.pem -passout pass:foobar -out tests_ssl/certs/client/encrypted.key.pem
 
 # Server
-openssl genrsa -out server/key.pem 2048
-openssl req -x509 -new -nodes -key server/key.pem -sha256 -days 1024 -out server/cert.selfsigned.pem -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost"
-openssl req -new -key server/key.pem -sha256 -out server/csr.pem -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost"
-openssl x509 -req -in server/csr.pem -CA ca/cert.pem -CAkey ca/key.pem -CAcreateserial -out server/cert.pem -days 825 -sha256
+openssl genrsa -out certs/server/key.pem 2048
+openssl req -x509 -new -nodes -key certs/server/key.pem -sha256 -days 1024 -out certs/server/cert.selfsigned.pem -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost"
+openssl req -new -key certs/server/key.pem -sha256 -out certs/server/csr.pem -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost"
+openssl x509 -req -in certs/server/csr.pem -CA certs/ca/cert.pem -CAkey certs/ca/key.pem -CAcreateserial -out certs/server/cert.pem -days 825 -sha256