From: Joni Hahkala Date: Tue, 6 Nov 2012 17:12:20 +0000 (+0000) Subject: fix namespace definitions according to the eugridpma specificaiton X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=HEAD;p=glite-security-test-utils.git fix namespace definitions according to the eugridpma specificaiton --- diff --git a/bin/generate-ca-certificates-for-cvs.sh b/bin/generate-ca-certificates-for-cvs.sh index 6041dac..9e1a840 100755 --- a/bin/generate-ca-certificates-for-cvs.sh +++ b/bin/generate-ca-certificates-for-cvs.sh @@ -75,7 +75,7 @@ EOF cat < ${catype}.namespaces # Namespace for the $subject_name" TO Issuer "${subject_name}" \ - PERMIT Subject "$(echo "${subject_name}" | sed -e 's#/CN=.*$##' | sed 's/http:\/\/slash.slash.edu:7656\/testing/Utopia/')/*" + PERMIT Subject "$(echo "${subject_name}" | sed -e 's#/CN=.*$##' | sed 's/http:\/\/slash.slash.edu:7656\/testing/Utopia/')/.*" EOF @@ -92,7 +92,7 @@ EOF # add also the namespace with slashes TO Issuer "${subject_name}" \ - PERMIT Subject "$(echo "${subject_name}" | sed -e 's#/CN=.*$##')/*" + PERMIT Subject "$(echo "${subject_name}" | sed -e 's#/CN=.*$##')/.*" EOF fi diff --git a/bin/generate-test-certificates.sh b/bin/generate-test-certificates.sh index ab69ff0..fd007b0 100755 --- a/bin/generate-test-certificates.sh +++ b/bin/generate-test-certificates.sh @@ -538,7 +538,7 @@ EOF #NAMESPACES-VERSION: 1.0 # Namespaces file for the $(echo "$subject_name" | sed -e 's#^.*/CN=##') TO Issuer "${subject_name:9}" \ - PERMIT Subject "$(echo "${subject_name:9}" | sed -e 's#/CN=.*$##')/*" + PERMIT Subject "$(echo "${subject_name:9}" | sed -e 's#/CN=.*$##')/.*" EOF cp grid-security/certificates/${hash}.* grid-security/certificates-rootwithpolicy cp grid-security/certificates/${hash}.* grid-security/certificates-rootallowsubsubdeny @@ -575,7 +575,7 @@ TO Issuer "${subject_name:9}" \ TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA" \ PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA" TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA" \ - PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=*" + PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=.*" EOF cat <grid-security/certificates-rootwithpolicy/${hash}.signing_policy # Signing policy file for the $(echo "$subject_name" | sed -e 's#^.*/CN=##') @@ -598,7 +598,7 @@ TO Issuer "${subject_name:9}" \ TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA" \ PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA" TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA" \ - PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=*" + PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=.*" EOF cat <grid-security/certificates-rootallowsubsubdeny/${hash}.signing_policy # Signing policy file for the $(echo "$subject_name" | sed -e 's#^.*/CN=##') @@ -645,7 +645,7 @@ EOF TO Issuer "${subject_name:9}" \ PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA" TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA" \ - PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=*" + PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=.*" EOF cat <grid-security/certificates-subcawithpolicy/${hash}.signing_policy # Signing policy file for the $(echo "$subject_name" | sed -e 's#^.*/CN=##') @@ -676,7 +676,7 @@ EOF #NAMESPACES-VERSION: 1.0 # Namespaces file for the $(echo "$subject_name" | sed -e 's#^.*/CN=##') TO Issuer "${subject_name:9}" \ - PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=*" + PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=.*" EOF cat <grid-security/certificates/${hash}.signing_policy # Signing policy file for the $(echo "$subject_name" | sed -e 's#^.*/CN=##') @@ -690,7 +690,7 @@ EOF #NAMESPACES-VERSION: 1.0 # Namespaces file for the $(echo "$subject_name" | sed -e 's#^.*/CN=##') TO Issuer "${subject_name:9}" \ - PERMIT Subject "/C=UG/L=Tropic/O=Utopia-not/OU=Relaxation/CN=*" + PERMIT Subject "/C=UG/L=Tropic/O=Utopia-not/OU=Relaxation/CN=.*" EOF cat <grid-security/certificates-rootallowsubsubdeny/${hash}.signing_policy # Signing policy file for the $(echo "$subject_name" | sed -e 's#^.*/CN=##') diff --git a/test/bad-ca/bad.namespaces b/test/bad-ca/bad.namespaces deleted file mode 100644 index 9da4f08..0000000 --- a/test/bad-ca/bad.namespaces +++ /dev/null @@ -1,3 +0,0 @@ -# Namespace for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the bad CA" -TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the bad CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*" - diff --git a/test/bad-ca/bad.signing_policy b/test/bad-ca/bad.signing_policy deleted file mode 100644 index f01254c..0000000 --- a/test/bad-ca/bad.signing_policy +++ /dev/null @@ -1,4 +0,0 @@ -# Signing policy file for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the bad CA" -access_id_CA X509 '/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the bad CA' -pos_rights globus CA:sign -cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"' diff --git a/test/big-ca/big.namespaces b/test/big-ca/big.namespaces deleted file mode 100644 index f8f7907..0000000 --- a/test/big-ca/big.namespaces +++ /dev/null @@ -1,3 +0,0 @@ -# Namespace for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the big CA" -TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the big CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*" - diff --git a/test/big-ca/big.signing_policy b/test/big-ca/big.signing_policy deleted file mode 100644 index 2794ff0..0000000 --- a/test/big-ca/big.signing_policy +++ /dev/null @@ -1,4 +0,0 @@ -# Signing policy file for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the big CA" -access_id_CA X509 '/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the big CA' -pos_rights globus CA:sign -cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"' diff --git a/test/expired-ca/expired.namespaces b/test/expired-ca/expired.namespaces deleted file mode 100644 index 07f0840..0000000 --- a/test/expired-ca/expired.namespaces +++ /dev/null @@ -1,3 +0,0 @@ -# Namespace for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the expired CA" -TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the expired CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*" - diff --git a/test/expired-ca/expired.signing_policy b/test/expired-ca/expired.signing_policy deleted file mode 100644 index 47d53e4..0000000 --- a/test/expired-ca/expired.signing_policy +++ /dev/null @@ -1,4 +0,0 @@ -# Signing policy file for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the expired CA" -access_id_CA X509 '/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the expired CA' -pos_rights globus CA:sign -cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"' diff --git a/test/fake-ca/fake.namespaces b/test/fake-ca/fake.namespaces deleted file mode 100644 index 98b5a74..0000000 --- a/test/fake-ca/fake.namespaces +++ /dev/null @@ -1,3 +0,0 @@ -# Namespace for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the fake CA" -TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the fake CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*" - diff --git a/test/fake-ca/fake.signing_policy b/test/fake-ca/fake.signing_policy deleted file mode 100644 index 6bbfa13..0000000 --- a/test/fake-ca/fake.signing_policy +++ /dev/null @@ -1,4 +0,0 @@ -# Signing policy file for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the fake CA" -access_id_CA X509 '/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the fake CA' -pos_rights globus CA:sign -cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"' diff --git a/test/nokeyusage-ca/nokeyusage.namespaces b/test/nokeyusage-ca/nokeyusage.namespaces deleted file mode 100644 index 526b01a..0000000 --- a/test/nokeyusage-ca/nokeyusage.namespaces +++ /dev/null @@ -1,3 +0,0 @@ -# Namespace for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the nokeyusage CA" -TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the nokeyusage CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*" - diff --git a/test/nokeyusage-ca/nokeyusage.signing_policy b/test/nokeyusage-ca/nokeyusage.signing_policy deleted file mode 100644 index 1eb4337..0000000 --- a/test/nokeyusage-ca/nokeyusage.signing_policy +++ /dev/null @@ -1,4 +0,0 @@ -# Signing policy file for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the nokeyusage CA" -access_id_CA X509 '/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the nokeyusage CA' -pos_rights globus CA:sign -cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"' diff --git a/test/root-ca/root.namespaces b/test/root-ca/root.namespaces deleted file mode 100644 index e0ef777..0000000 --- a/test/root-ca/root.namespaces +++ /dev/null @@ -1,3 +0,0 @@ -# Namespace for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA" -TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*" - diff --git a/test/root-ca/root.signing_policy b/test/root-ca/root.signing_policy deleted file mode 100644 index 7f878da..0000000 --- a/test/root-ca/root.signing_policy +++ /dev/null @@ -1,4 +0,0 @@ -# Signing policy file for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA" -access_id_CA X509 '/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the root CA' -pos_rights globus CA:sign -cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"' diff --git a/test/slash-ca/slash.namespaces b/test/slash-ca/slash.namespaces deleted file mode 100644 index fadaf75..0000000 --- a/test/slash-ca/slash.namespaces +++ /dev/null @@ -1,7 +0,0 @@ -# Namespace for the /C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA" -TO Issuer "/C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*" - - -# add also the namespace with slashes -TO Issuer "/C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA" PERMIT Subject "/C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/*" - diff --git a/test/slash-ca/slash.signing_policy b/test/slash-ca/slash.signing_policy deleted file mode 100644 index 8c27f97..0000000 --- a/test/slash-ca/slash.signing_policy +++ /dev/null @@ -1,10 +0,0 @@ -# Signing policy file for the /C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA" -access_id_CA X509 '/C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA' -pos_rights globus CA:sign -cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"' - -# add also the namespace with slashes -access_id_CA X509 '/C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/CN=the slash CA' -pos_rights globus CA:sign -cond_subjects globus '"/C=UG/L=Tropic/O=http://slash.slash.edu:7656/testing/OU=Relaxation/*"' - diff --git a/test/subca-ca/subca.namespaces b/test/subca-ca/subca.namespaces deleted file mode 100644 index f372f3a..0000000 --- a/test/subca-ca/subca.namespaces +++ /dev/null @@ -1,3 +0,0 @@ -# Namespace for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA" -TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*" - diff --git a/test/subca-ca/subca.signing_policy b/test/subca-ca/subca.signing_policy deleted file mode 100644 index 0ef698a..0000000 --- a/test/subca-ca/subca.signing_policy +++ /dev/null @@ -1,4 +0,0 @@ -# Signing policy file for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA" -access_id_CA X509 '/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subca CA' -pos_rights globus CA:sign -cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"' diff --git a/test/subsubca-ca/subsubca.namespaces b/test/subsubca-ca/subsubca.namespaces deleted file mode 100644 index 9089949..0000000 --- a/test/subsubca-ca/subsubca.namespaces +++ /dev/null @@ -1,3 +0,0 @@ -# Namespace for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA" -TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*" - diff --git a/test/subsubca-ca/subsubca.signing_policy b/test/subsubca-ca/subsubca.signing_policy deleted file mode 100644 index 5617cb1..0000000 --- a/test/subsubca-ca/subsubca.signing_policy +++ /dev/null @@ -1,4 +0,0 @@ -# Signing policy file for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA" -access_id_CA X509 '/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the subsubca CA' -pos_rights globus CA:sign -cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"' diff --git a/test/trusted-ca/trusted.namespaces b/test/trusted-ca/trusted.namespaces deleted file mode 100644 index fce2bf0..0000000 --- a/test/trusted-ca/trusted.namespaces +++ /dev/null @@ -1,3 +0,0 @@ -# Namespace for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the trusted CA" -TO Issuer "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the trusted CA" PERMIT Subject "/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*" - diff --git a/test/trusted-ca/trusted.signing_policy b/test/trusted-ca/trusted.signing_policy deleted file mode 100644 index 56f2207..0000000 --- a/test/trusted-ca/trusted.signing_policy +++ /dev/null @@ -1,4 +0,0 @@ -# Signing policy file for the /C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the trusted CA" -access_id_CA X509 '/C=UG/L=Tropic/O=Utopia/OU=Relaxation/CN=the trusted CA' -pos_rights globus CA:sign -cond_subjects globus '"/C=UG/L=Tropic/O=Utopia/OU=Relaxation/*"'