Adding upstream version 2.9.4.upstream/2.9.4

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 05:31:45 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 05:31:45 +0000
commit: 74aa0bc6779af38018a03fd2cf4419fe85917904 (patch)
tree: 9cb0681aac9a94a49c153d5823e7a55d1513d91f /src/tests/test_CA/intermediate_CA
parent: Initial commit. (diff)
download: sssd-74aa0bc6779af38018a03fd2cf4419fe85917904.tar.xz
sssd-74aa0bc6779af38018a03fd2cf4419fe85917904.zip
6 files changed, 1087 insertions, 0 deletions
diff --git a/src/tests/test_CA/intermediate_CA/Makefile.am b/src/tests/test_CA/intermediate_CA/Makefile.am
new file mode 100644
index 0000000..b439f82
--- /dev/null
+++ b/src/tests/test_CA/intermediate_CA/Makefile.am
@@ -0,0 +1,98 @@
+dist_noinst_DATA = \
+    SSSD_test_intermediate_CA.config \
+    SSSD_test_intermediate_CA_key.pem \
+    SSSD_test_intermediate_CA_cert_0001.config  \
+    SSSD_test_intermediate_CA_cert_key_0001.pem
+
+openssl_root_ca_config = $(abs_srcdir)/../SSSD_test_CA.config
+openssl_root_ca_key = $(abs_srcdir)/../SSSD_test_CA_key.pem
+openssl_intermediate_ca_config = $(srcdir)/SSSD_test_intermediate_CA.config
+openssl_intermediate_ca_key = $(abs_srcdir)/SSSD_test_intermediate_CA_key.pem
+pwdfile = pwdfile
+
+configs := $(notdir $(wildcard $(srcdir)/SSSD_test_intermediate_CA_cert_*.config))
+ids := $(subst SSSD_test_intermediate_CA_cert_,,$(basename $(configs)))
+certs = $(addprefix SSSD_test_intermediate_CA_cert_x509_,$(addsuffix .pem,$(ids)))
+certs_h = $(addprefix SSSD_test_intermediate_CA_cert_x509_,$(addsuffix .h,$(ids)))
+pubkeys = $(addprefix SSSD_test_intermediate_CA_cert_pubsshkey_,$(addsuffix .pub,$(ids)))
+pubkeys_h = $(addprefix SSSD_test_intermediate_CA_cert_pubsshkey_,$(addsuffix .h,$(ids)))
+pkcs12 = $(addprefix SSSD_test_intermediate_CA_cert_pkcs12_,$(addsuffix .pem,$(ids)))
+
+extra = softhsm2_intermediate_one
+
+# If openssl is run in parallel there might be conflicts with the serial
+.NOTPARALLEL:
+
+ca_all: clean SSSD_test_intermediate_CA.pem SSSD_test_intermediate_CA_full_db.pem $(certs) $(certs_h) $(pubkeys) $(pubkeys_h) $(pkcs12) $(extra)
+
+$(pwdfile):
+	@echo "123456" > $@
+
+SSSD_test_CA.pem:
+	$(MAKE) -C $(builddir)/.. SSSD_test_CA.pem
+	ln -s $(builddir)/../$@
+
+SSSD_test_intermediate_CA_req.pem: $(openssl_intermediate_ca_key) $(openssl_intermediate_ca_config) SSSD_test_CA.pem
+	$(OPENSSL) req -batch -config ${openssl_intermediate_ca_config} -new -nodes -key $< -sha256 -extensions v3_ca -out $@
+
+SSSD_test_intermediate_CA.pem: SSSD_test_intermediate_CA_req.pem $(openssl_root_ca_config) $(openssl_root_ca_key)
+	cd .. && $(OPENSSL) ca -config ${openssl_root_ca_config} -batch -notext -keyfile $(openssl_root_ca_key) -in $(abs_builddir)/$< -days 200 -extensions v3_intermediate_ca -out $(abs_builddir)/$@
+
+SSSD_test_intermediate_CA_full_db.pem: SSSD_test_CA.pem SSSD_test_intermediate_CA.pem
+	cat $^ > $@
+
+SSSD_test_intermediate_CA_cert_req_%.pem: $(srcdir)/SSSD_test_intermediate_CA_cert_key_%.pem $(srcdir)/SSSD_test_intermediate_CA_cert_%.config
+	$(OPENSSL) req -new -nodes -key $< -reqexts req_exts -config $(srcdir)/SSSD_test_intermediate_CA_cert_$*.config -out $@
+
+SSSD_test_intermediate_CA_cert_x509_%.pem: SSSD_test_intermediate_CA_cert_req_%.pem $(openssl_intermediate_ca_config) SSSD_test_intermediate_CA.pem serial
+	$(OPENSSL) ca -config ${openssl_intermediate_ca_config} -batch -notext -keyfile $(openssl_intermediate_ca_key) -in $< -days 200 -extensions usr_cert -out $@
+
+SSSD_test_intermediate_CA_cert_pkcs12_%.pem: SSSD_test_intermediate_CA_cert_x509_%.pem $(srcdir)/SSSD_test_intermediate_CA_cert_key_%.pem $(pwdfile)
+	$(OPENSSL) pkcs12 -export -in SSSD_test_intermediate_CA_cert_x509_$*.pem -inkey $(srcdir)/SSSD_test_intermediate_CA_cert_key_$*.pem -nodes -passout file:$(pwdfile) -out $@
+
+SSSD_test_intermediate_CA_cert_pubkey_%.pem: SSSD_test_intermediate_CA_cert_x509_%.pem
+	$(OPENSSL) x509 -in $< -pubkey -noout > $@
+
+SSSD_test_intermediate_CA_cert_pubsshkey_%.pub: SSSD_test_intermediate_CA_cert_pubkey_%.pem
+	$(SSH_KEYGEN) -i -m PKCS8 -f $< > $@
+
+SSSD_test_intermediate_CA_cert_x509_%.h: SSSD_test_intermediate_CA_cert_x509_%.pem
+	@echo "#define SSSD_TEST_INTERMEDIATE_CA_CERT_$* \""$(shell cat $< |openssl x509 -outform der | base64 -w 0)"\"" > $@
+
+SSSD_test_intermediate_CA_cert_pubsshkey_%.h: SSSD_test_intermediate_CA_cert_pubsshkey_%.pub
+	@echo "#define SSSD_TEST_INTERMEDIATE_CA_CERT_SSH_KEY_$* \""$(shell cut -d' ' -f2 $<)"\"" > $@
+
+
+softhsm2_intermediate_one: softhsm2_intermediate_one.conf
+	mkdir $@
+	SOFTHSM2_CONF=./$< $(SOFTHSM2_UTIL) --init-token  --label "SSSD Test intermediate CA Token" --pin 123456 --so-pin 123456 --free
+	GNUTLS_PIN=123456 SOFTHSM2_CONF=./$< $(P11TOOL) --provider=$(SOFTHSM2_PATH) --write --no-mark-private --load-certificate=SSSD_test_intermediate_CA_cert_x509_0001.pem --login  --label 'SSSD test intermediate cert 0001' --id '190E513C9A3DFAACDE5D2D0592F0FDFF559C10CB'
+	GNUTLS_PIN=123456 SOFTHSM2_CONF=./$< $(P11TOOL) --provider=$(SOFTHSM2_PATH) --write --load-privkey=$(srcdir)/SSSD_test_intermediate_CA_cert_key_0001.pem --login  --label 'SSSD test intermediate cert 0001' --id '190E513C9A3DFAACDE5D2D0592F0FDFF559C10CB'
+
+softhsm2_intermediate_one.conf:
+	@echo "directories.tokendir = "$(abs_top_builddir)"/src/tests/test_CA/intermediate_CA/softhsm2_intermediate_one" > $@
+	@echo "objectstore.backend = file" >> $@
+	@echo "slots.removable = true" >> $@
+
+CLEANFILES = \
+    index.txt  index.txt.attr \
+    index.txt.attr.old  index.txt.old \
+    SSSD_test_intermediate_CA.pem \
+	SSSD_test_intermediate_CA_req.pem \
+	SSSD_test_intermediate_CA_full_db.pem \
+	SSSD_test_CA.pem \
+	$(pwdfile) \
+    $(certs) $(certs_h) $(pubkeys) $(pubkeys_h) $(pkcs12) \
+    softhsm2_*.conf \
+    $(NULL)
+
+clean-local:
+	rm -rf newcerts
+	rm -rf softhsm*
+	rm -rf serial*
+
+serial:
+	mkdir -p newcerts
+	touch index.txt
+	touch index.txt.attr
+	echo -n 01 > serial
diff --git a/src/tests/test_CA/intermediate_CA/Makefile.in b/src/tests/test_CA/intermediate_CA/Makefile.in
new file mode 100644
index 0000000..06be94a
--- /dev/null
+++ b/src/tests/test_CA/intermediate_CA/Makefile.in
@@ -0,0 +1,812 @@
+# Makefile.in generated by automake 1.16.5 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2021 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = src/tests/test_CA/intermediate_CA
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
+	$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
+	$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
+	$(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \
+	$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
+	$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/nls.m4 \
+	$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/progtest.m4 \
+	$(top_srcdir)/version.m4 $(top_srcdir)/src/build_macros.m4 \
+	$(top_srcdir)/src/external/platform.m4 \
+	$(top_srcdir)/src/conf_macros.m4 \
+	$(top_srcdir)/src/external/pkg.m4 \
+	$(top_srcdir)/src/external/libpopt.m4 \
+	$(top_srcdir)/src/external/libtalloc.m4 \
+	$(top_srcdir)/src/external/libtdb.m4 \
+	$(top_srcdir)/src/external/libtevent.m4 \
+	$(top_srcdir)/src/external/libldb.m4 \
+	$(top_srcdir)/src/external/libdhash.m4 \
+	$(top_srcdir)/src/external/libini_config.m4 \
+	$(top_srcdir)/src/external/libgssapi_krb5.m4 \
+	$(top_srcdir)/src/external/pam.m4 \
+	$(top_srcdir)/src/external/ldap.m4 \
+	$(top_srcdir)/src/external/libpcre.m4 \
+	$(top_srcdir)/src/external/krb5.m4 \
+	$(top_srcdir)/src/external/libcares.m4 \
+	$(top_srcdir)/src/external/libcmocka.m4 \
+	$(top_srcdir)/src/external/docbook.m4 \
+	$(top_srcdir)/src/external/sizes.m4 \
+	$(top_srcdir)/src/external/python.m4 \
+	$(top_srcdir)/src/external/selinux.m4 \
+	$(top_srcdir)/src/external/crypto.m4 \
+	$(top_srcdir)/src/external/nsupdate.m4 \
+	$(top_srcdir)/src/external/libkeyutils.m4 \
+	$(top_srcdir)/src/external/libkrad.m4 \
+	$(top_srcdir)/src/external/libnl.m4 \
+	$(top_srcdir)/src/external/systemd.m4 \
+	$(top_srcdir)/src/external/pac_responder.m4 \
+	$(top_srcdir)/src/external/cifsidmap.m4 \
+	$(top_srcdir)/src/external/signal.m4 \
+	$(top_srcdir)/src/external/inotify.m4 \
+	$(top_srcdir)/src/external/samba.m4 \
+	$(top_srcdir)/src/external/sasl.m4 \
+	$(top_srcdir)/src/external/libnfsidmap.m4 \
+	$(top_srcdir)/src/external/cwrap.m4 \
+	$(top_srcdir)/src/external/libresolv.m4 \
+	$(top_srcdir)/src/external/intgcheck.m4 \
+	$(top_srcdir)/src/external/systemtap.m4 \
+	$(top_srcdir)/src/external/service.m4 \
+	$(top_srcdir)/src/external/test_ca.m4 \
+	$(top_srcdir)/src/external/ax_valgrind_check.m4 \
+	$(top_srcdir)/src/external/libjansson.m4 \
+	$(top_srcdir)/src/external/libcurl.m4 \
+	$(top_srcdir)/src/external/libjose.m4 \
+	$(top_srcdir)/src/external/libuuid.m4 \
+	$(top_srcdir)/src/external/libunistring.m4 \
+	$(top_srcdir)/src/external/libpasskey.m4 \
+	$(top_srcdir)/src/external/p11-kit.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(dist_noinst_DATA) \
+	$(am__DIST_COMMON)
+mkinstalldirs = $(SHELL) $(top_srcdir)/build/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+DATA = $(dist_noinst_DATA)
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+am__DIST_COMMON = $(srcdir)/Makefile.in \
+	$(top_srcdir)/build/mkinstalldirs
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CARES_CFLAGS = @CARES_CFLAGS@
+CARES_LIBS = @CARES_LIBS@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CHECK_CFLAGS = @CHECK_CFLAGS@
+CHECK_LIBS = @CHECK_LIBS@
+CMOCKA_CFLAGS = @CMOCKA_CFLAGS@
+CMOCKA_LIBS = @CMOCKA_LIBS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYPTO_CFLAGS = @CRYPTO_CFLAGS@
+CRYPTO_LIBS = @CRYPTO_LIBS@
+CSCOPE = @CSCOPE@
+CTAGS = @CTAGS@
+CURL_CFLAGS = @CURL_CFLAGS@
+CURL_LIBS = @CURL_LIBS@
+CYGPATH_W = @CYGPATH_W@
+DBUS_CFLAGS = @DBUS_CFLAGS@
+DBUS_LIBS = @DBUS_LIBS@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DHASH_CFLAGS = @DHASH_CFLAGS@
+DHASH_LIBS = @DHASH_LIBS@
+DLLTOOL = @DLLTOOL@
+DOCBOOK_XSLT = @DOCBOOK_XSLT@
+DOXYGEN = @DOXYGEN@
+DSYMUTIL = @DSYMUTIL@
+DTRACE = @DTRACE@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ENABLE_VALGRIND_drd = @ENABLE_VALGRIND_drd@
+ENABLE_VALGRIND_helgrind = @ENABLE_VALGRIND_helgrind@
+ENABLE_VALGRIND_memcheck = @ENABLE_VALGRIND_memcheck@
+ENABLE_VALGRIND_sgcheck = @ENABLE_VALGRIND_sgcheck@
+ETAGS = @ETAGS@
+EXEEXT = @EXEEXT@
+FAKETIME = @FAKETIME@
+FGREP = @FGREP@
+FIDO2_CFLAGS = @FIDO2_CFLAGS@
+FIDO2_LIBS = @FIDO2_LIBS@
+FILECMD = @FILECMD@
+GDM_PAM_EXTENSIONS_CFLAGS = @GDM_PAM_EXTENSIONS_CFLAGS@
+GDM_PAM_EXTENSIONS_LIBS = @GDM_PAM_EXTENSIONS_LIBS@
+GMSGFMT = @GMSGFMT@
+GPO_DEFAULT = @GPO_DEFAULT@
+GREP = @GREP@
+GSSAPI_KRB5_CFLAGS = @GSSAPI_KRB5_CFLAGS@
+GSSAPI_KRB5_LIBS = @GSSAPI_KRB5_LIBS@
+HAVE_FAKEROOT = @HAVE_FAKEROOT@
+HAVE_LDAPMODIFY = @HAVE_LDAPMODIFY@
+HAVE_MANPAGES = @HAVE_MANPAGES@
+HAVE_NSS_WRAPPER = @HAVE_NSS_WRAPPER@
+HAVE_PAM_WRAPPER = @HAVE_PAM_WRAPPER@
+HAVE_PYTHON2 = @HAVE_PYTHON2@
+HAVE_PYTHON2_BINDINGS = @HAVE_PYTHON2_BINDINGS@
+HAVE_PYTHON3 = @HAVE_PYTHON3@
+HAVE_PYTHON3_BINDINGS = @HAVE_PYTHON3_BINDINGS@
+HAVE_SELINUX = @HAVE_SELINUX@
+HAVE_SEMANAGE = @HAVE_SEMANAGE@
+HAVE_UID_WRAPPER = @HAVE_UID_WRAPPER@
+INI_CONFIG_CFLAGS = @INI_CONFIG_CFLAGS@
+INI_CONFIG_LIBS = @INI_CONFIG_LIBS@
+INI_CONFIG_V0_CFLAGS = @INI_CONFIG_V0_CFLAGS@
+INI_CONFIG_V0_LIBS = @INI_CONFIG_V0_LIBS@
+INI_CONFIG_V1_1_CFLAGS = @INI_CONFIG_V1_1_CFLAGS@
+INI_CONFIG_V1_1_LIBS = @INI_CONFIG_V1_1_LIBS@
+INI_CONFIG_V1_3_CFLAGS = @INI_CONFIG_V1_3_CFLAGS@
+INI_CONFIG_V1_3_LIBS = @INI_CONFIG_V1_3_LIBS@
+INI_CONFIG_V1_CFLAGS = @INI_CONFIG_V1_CFLAGS@
+INI_CONFIG_V1_LIBS = @INI_CONFIG_V1_LIBS@
+INOTIFY_LIBS = @INOTIFY_LIBS@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+INTLLIBS = @INTLLIBS@
+INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@
+JANSSON_CFLAGS = @JANSSON_CFLAGS@
+JANSSON_LIBS = @JANSSON_LIBS@
+JOSE_CFLAGS = @JOSE_CFLAGS@
+JOSE_LIBS = @JOSE_LIBS@
+JOURNALD_CFLAGS = @JOURNALD_CFLAGS@
+JOURNALD_LIBS = @JOURNALD_LIBS@
+KEYUTILS_LIBS = @KEYUTILS_LIBS@
+KRAD_LIBS = @KRAD_LIBS@
+KRB5_CFLAGS = @KRB5_CFLAGS@
+KRB5_CONFIG = @KRB5_CONFIG@
+KRB5_LIBS = @KRB5_LIBS@
+LD = @LD@
+LDB_CFLAGS = @LDB_CFLAGS@
+LDB_LIBS = @LDB_LIBS@
+LDFLAGS = @LDFLAGS@
+LIBADD_DL = @LIBADD_DL@
+LIBADD_DLD_LINK = @LIBADD_DLD_LINK@
+LIBADD_DLOPEN = @LIBADD_DLOPEN@
+LIBADD_SHL_LOAD = @LIBADD_SHL_LOAD@
+LIBADD_TIMER = @LIBADD_TIMER@
+LIBCLOCK_GETTIME = @LIBCLOCK_GETTIME@
+LIBICONV = @LIBICONV@
+LIBINTL = @LIBINTL@
+LIBNL1_CFLAGS = @LIBNL1_CFLAGS@
+LIBNL1_LIBS = @LIBNL1_LIBS@
+LIBNL3_CFLAGS = @LIBNL3_CFLAGS@
+LIBNL3_LIBS = @LIBNL3_LIBS@
+LIBNL_CFLAGS = @LIBNL_CFLAGS@
+LIBNL_LIBS = @LIBNL_LIBS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBICONV = @LTLIBICONV@
+LTLIBINTL = @LTLIBINTL@
+LTLIBOBJS = @LTLIBOBJS@
+LT_DLLOADERS = @LT_DLLOADERS@
+LT_DLPREOPEN = @LT_DLPREOPEN@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MKINSTALLDIRS = @MKINSTALLDIRS@
+MSGFMT = @MSGFMT@
+MSGMERGE = @MSGMERGE@
+NDR_KRB5PAC_CFLAGS = @NDR_KRB5PAC_CFLAGS@
+NDR_KRB5PAC_LIBS = @NDR_KRB5PAC_LIBS@
+NDR_NBT_CFLAGS = @NDR_NBT_CFLAGS@
+NDR_NBT_LIBS = @NDR_NBT_LIBS@
+NFSIDMAP_CFLAGS = @NFSIDMAP_CFLAGS@
+NFSIDMAP_LIBS = @NFSIDMAP_LIBS@
+NFSIDMAP_OBJ = @NFSIDMAP_OBJ@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSUPDATE = @NSUPDATE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENLDAP_CFLAGS = @OPENLDAP_CFLAGS@
+OPENLDAP_LIBS = @OPENLDAP_LIBS@
+OPENSSL = @OPENSSL@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+P11TOOL = @P11TOOL@
+P11_KIT_CFLAGS = @P11_KIT_CFLAGS@
+P11_KIT_LIBS = @P11_KIT_LIBS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PAM_LIBS = @PAM_LIBS@
+PAM_MISC_LIBS = @PAM_MISC_LIBS@
+PASSKEY_CFLAGS = @PASSKEY_CFLAGS@
+PASSKEY_LIBS = @PASSKEY_LIBS@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PCRE_CFLAGS = @PCRE_CFLAGS@
+PCRE_LIBS = @PCRE_LIBS@
+PKG_CONFIG = @PKG_CONFIG@
+PO4A = @PO4A@
+POPT_CFLAGS = @POPT_CFLAGS@
+POPT_LIBS = @POPT_LIBS@
+POSUB = @POSUB@
+PRERELEASE_VERSION = @PRERELEASE_VERSION@
+PYTHON = @PYTHON@
+PYTHON2 = @PYTHON2@
+PYTHON2_CFLAGS = @PYTHON2_CFLAGS@
+PYTHON2_EXEC_PREFIX = @PYTHON2_EXEC_PREFIX@
+PYTHON2_INCLUDES = @PYTHON2_INCLUDES@
+PYTHON2_LIBS = @PYTHON2_LIBS@
+PYTHON2_PREFIX = @PYTHON2_PREFIX@
+PYTHON2_VERSION = @PYTHON2_VERSION@
+PYTHON3 = @PYTHON3@
+PYTHON3_CFLAGS = @PYTHON3_CFLAGS@
+PYTHON3_EXEC_PREFIX = @PYTHON3_EXEC_PREFIX@
+PYTHON3_INCLUDES = @PYTHON3_INCLUDES@
+PYTHON3_LIBS = @PYTHON3_LIBS@
+PYTHON3_PREFIX = @PYTHON3_PREFIX@
+PYTHON3_VERSION = @PYTHON3_VERSION@
+PYTHON_CONFIG = @PYTHON_CONFIG@
+PYTHON_EXEC = @PYTHON_EXEC@
+PYTHON_EXEC_INTG = @PYTHON_EXEC_INTG@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+RESOLV_CFLAGS = @RESOLV_CFLAGS@
+RESOLV_LIBS = @RESOLV_LIBS@
+SAMBA_UTIL_CFLAGS = @SAMBA_UTIL_CFLAGS@
+SAMBA_UTIL_LIBS = @SAMBA_UTIL_LIBS@
+SASL_CFLAGS = @SASL_CFLAGS@
+SASL_LIBS = @SASL_LIBS@
+SED = @SED@
+SELINUX_LIBS = @SELINUX_LIBS@
+SEMANAGE_LIBS = @SEMANAGE_LIBS@
+SERVICE = @SERVICE@
+SET_MAKE = @SET_MAKE@
+SGML_CATALOG_FILES = @SGML_CATALOG_FILES@
+SHELL = @SHELL@
+SLAPD = @SLAPD@
+SMBCLIENT_CFLAGS = @SMBCLIENT_CFLAGS@
+SMBCLIENT_LIBS = @SMBCLIENT_LIBS@
+SOFTHSM2_PATH = @SOFTHSM2_PATH@
+SOFTHSM2_UTIL = @SOFTHSM2_UTIL@
+SSH_KEYGEN = @SSH_KEYGEN@
+SSL_CFLAGS = @SSL_CFLAGS@
+SSL_LIBS = @SSL_LIBS@
+SSSD_USER = @SSSD_USER@
+STRIP = @STRIP@
+SYSTEMD_DAEMON_CFLAGS = @SYSTEMD_DAEMON_CFLAGS@
+SYSTEMD_DAEMON_LIBS = @SYSTEMD_DAEMON_LIBS@
+SYSTEMD_LOGIN_CFLAGS = @SYSTEMD_LOGIN_CFLAGS@
+SYSTEMD_LOGIN_LIBS = @SYSTEMD_LOGIN_LIBS@
+TALLOC_CFLAGS = @TALLOC_CFLAGS@
+TALLOC_LIBS = @TALLOC_LIBS@
+TDB_CFLAGS = @TDB_CFLAGS@
+TDB_LIBS = @TDB_LIBS@
+TEST_DIR = @TEST_DIR@
+TEVENT_CFLAGS = @TEVENT_CFLAGS@
+TEVENT_LIBS = @TEVENT_LIBS@
+UNICODE_LIBS = @UNICODE_LIBS@
+USE_NLS = @USE_NLS@
+UUID_CFLAGS = @UUID_CFLAGS@
+UUID_LIBS = @UUID_LIBS@
+VALGRIND = @VALGRIND@
+VALGRIND_ENABLED = @VALGRIND_ENABLED@
+VERSION = @VERSION@
+XGETTEXT = @XGETTEXT@
+XMLLINT = @XMLLINT@
+XSLTPROC = @XSLTPROC@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+appmodpath = @appmodpath@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+cifspluginpath = @cifspluginpath@
+config_def_ccache_dir = @config_def_ccache_dir@
+config_def_ccname_template = @config_def_ccname_template@
+datadir = @datadir@
+datarootdir = @datarootdir@
+dbpath = @dbpath@
+docdir = @docdir@
+dvidir = @dvidir@
+environment_file = @environment_file@
+exec_prefix = @exec_prefix@
+gpocachepath = @gpocachepath@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+initdir = @initdir@
+install_sh = @install_sh@
+krb5authdatapluginpath = @krb5authdatapluginpath@
+krb5pluginpath = @krb5pluginpath@
+krb5rcachedir = @krb5rcachedir@
+ldblibdir = @ldblibdir@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+logpath = @logpath@
+mandir = @mandir@
+mcpath = @mcpath@
+mkdir_p = @mkdir_p@
+nfsidmaplibdir = @nfsidmaplibdir@
+nfslibpath = @nfslibpath@
+nsslibdir = @nsslibdir@
+oldincludedir = @oldincludedir@
+pammoddir = @pammoddir@
+pdfdir = @pdfdir@
+pidpath = @pidpath@
+pipepath = @pipepath@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+pluginpath = @pluginpath@
+polkitdir = @polkitdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pubconfpath = @pubconfpath@
+py2execdir = @py2execdir@
+py3execdir = @py3execdir@
+pyexecdir = @pyexecdir@
+python2dir = @python2dir@
+python3dir = @python3dir@
+pythondir = @pythondir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+secdbpath = @secdbpath@
+session_recording_shell = @session_recording_shell@
+sharedbuilddir = @sharedbuilddir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+subidlibpath = @subidlibpath@
+sudolibpath = @sudolibpath@
+sysconfdir = @sysconfdir@
+systemdconfdir = @systemdconfdir@
+systemdunitdir = @systemdunitdir@
+tapset_dir = @tapset_dir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+valgrind_enabled_tools = @valgrind_enabled_tools@
+valgrind_tools = @valgrind_tools@
+winbindpluginpath = @winbindpluginpath@
+dist_noinst_DATA = \
+    SSSD_test_intermediate_CA.config \
+    SSSD_test_intermediate_CA_key.pem \
+    SSSD_test_intermediate_CA_cert_0001.config  \
+    SSSD_test_intermediate_CA_cert_key_0001.pem
+
+openssl_root_ca_config = $(abs_srcdir)/../SSSD_test_CA.config
+openssl_root_ca_key = $(abs_srcdir)/../SSSD_test_CA_key.pem
+openssl_intermediate_ca_config = $(srcdir)/SSSD_test_intermediate_CA.config
+openssl_intermediate_ca_key = $(abs_srcdir)/SSSD_test_intermediate_CA_key.pem
+pwdfile = pwdfile
+configs := $(notdir $(wildcard $(srcdir)/SSSD_test_intermediate_CA_cert_*.config))
+ids := $(subst SSSD_test_intermediate_CA_cert_,,$(basename $(configs)))
+certs = $(addprefix SSSD_test_intermediate_CA_cert_x509_,$(addsuffix .pem,$(ids)))
+certs_h = $(addprefix SSSD_test_intermediate_CA_cert_x509_,$(addsuffix .h,$(ids)))
+pubkeys = $(addprefix SSSD_test_intermediate_CA_cert_pubsshkey_,$(addsuffix .pub,$(ids)))
+pubkeys_h = $(addprefix SSSD_test_intermediate_CA_cert_pubsshkey_,$(addsuffix .h,$(ids)))
+pkcs12 = $(addprefix SSSD_test_intermediate_CA_cert_pkcs12_,$(addsuffix .pem,$(ids)))
+extra = softhsm2_intermediate_one
+CLEANFILES = \
+    index.txt  index.txt.attr \
+    index.txt.attr.old  index.txt.old \
+    SSSD_test_intermediate_CA.pem \
+	SSSD_test_intermediate_CA_req.pem \
+	SSSD_test_intermediate_CA_full_db.pem \
+	SSSD_test_CA.pem \
+	$(pwdfile) \
+    $(certs) $(certs_h) $(pubkeys) $(pubkeys_h) $(pkcs12) \
+    softhsm2_*.conf \
+    $(NULL)
+
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in:  $(srcdir)/Makefile.am  $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/tests/test_CA/intermediate_CA/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign src/tests/test_CA/intermediate_CA/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
+	esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure:  $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4):  $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+tags TAGS:
+
+ctags CTAGS:
+
+cscope cscopelist:
+
+distdir: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(DATA)
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+	-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-local mostlyclean-am
+
+distclean: distclean-am
+	-rm -f Makefile
+distclean-am: clean-am distclean-generic
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: all all-am check check-am clean clean-generic clean-libtool \
+	clean-local cscopelist-am ctags-am distclean distclean-generic \
+	distclean-libtool distdir dvi dvi-am html html-am info info-am \
+	install install-am install-data install-data-am install-dvi \
+	install-dvi-am install-exec install-exec-am install-html \
+	install-html-am install-info install-info-am install-man \
+	install-pdf install-pdf-am install-ps install-ps-am \
+	install-strip installcheck installcheck-am installdirs \
+	maintainer-clean maintainer-clean-generic mostlyclean \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags-am uninstall uninstall-am
+
+.PRECIOUS: Makefile
+
+
+# If openssl is run in parallel there might be conflicts with the serial
+.NOTPARALLEL:
+
+ca_all: clean SSSD_test_intermediate_CA.pem SSSD_test_intermediate_CA_full_db.pem $(certs) $(certs_h) $(pubkeys) $(pubkeys_h) $(pkcs12) $(extra)
+
+$(pwdfile):
+	@echo "123456" > $@
+
+SSSD_test_CA.pem:
+	$(MAKE) -C $(builddir)/.. SSSD_test_CA.pem
+	ln -s $(builddir)/../$@
+
+SSSD_test_intermediate_CA_req.pem: $(openssl_intermediate_ca_key) $(openssl_intermediate_ca_config) SSSD_test_CA.pem
+	$(OPENSSL) req -batch -config ${openssl_intermediate_ca_config} -new -nodes -key $< -sha256 -extensions v3_ca -out $@
+
+SSSD_test_intermediate_CA.pem: SSSD_test_intermediate_CA_req.pem $(openssl_root_ca_config) $(openssl_root_ca_key)
+	cd .. && $(OPENSSL) ca -config ${openssl_root_ca_config} -batch -notext -keyfile $(openssl_root_ca_key) -in $(abs_builddir)/$< -days 200 -extensions v3_intermediate_ca -out $(abs_builddir)/$@
+
+SSSD_test_intermediate_CA_full_db.pem: SSSD_test_CA.pem SSSD_test_intermediate_CA.pem
+	cat $^ > $@
+
+SSSD_test_intermediate_CA_cert_req_%.pem: $(srcdir)/SSSD_test_intermediate_CA_cert_key_%.pem $(srcdir)/SSSD_test_intermediate_CA_cert_%.config
+	$(OPENSSL) req -new -nodes -key $< -reqexts req_exts -config $(srcdir)/SSSD_test_intermediate_CA_cert_$*.config -out $@
+
+SSSD_test_intermediate_CA_cert_x509_%.pem: SSSD_test_intermediate_CA_cert_req_%.pem $(openssl_intermediate_ca_config) SSSD_test_intermediate_CA.pem serial
+	$(OPENSSL) ca -config ${openssl_intermediate_ca_config} -batch -notext -keyfile $(openssl_intermediate_ca_key) -in $< -days 200 -extensions usr_cert -out $@
+
+SSSD_test_intermediate_CA_cert_pkcs12_%.pem: SSSD_test_intermediate_CA_cert_x509_%.pem $(srcdir)/SSSD_test_intermediate_CA_cert_key_%.pem $(pwdfile)
+	$(OPENSSL) pkcs12 -export -in SSSD_test_intermediate_CA_cert_x509_$*.pem -inkey $(srcdir)/SSSD_test_intermediate_CA_cert_key_$*.pem -nodes -passout file:$(pwdfile) -out $@
+
+SSSD_test_intermediate_CA_cert_pubkey_%.pem: SSSD_test_intermediate_CA_cert_x509_%.pem
+	$(OPENSSL) x509 -in $< -pubkey -noout > $@
+
+SSSD_test_intermediate_CA_cert_pubsshkey_%.pub: SSSD_test_intermediate_CA_cert_pubkey_%.pem
+	$(SSH_KEYGEN) -i -m PKCS8 -f $< > $@
+
+SSSD_test_intermediate_CA_cert_x509_%.h: SSSD_test_intermediate_CA_cert_x509_%.pem
+	@echo "#define SSSD_TEST_INTERMEDIATE_CA_CERT_$* \""$(shell cat $< |openssl x509 -outform der | base64 -w 0)"\"" > $@
+
+SSSD_test_intermediate_CA_cert_pubsshkey_%.h: SSSD_test_intermediate_CA_cert_pubsshkey_%.pub
+	@echo "#define SSSD_TEST_INTERMEDIATE_CA_CERT_SSH_KEY_$* \""$(shell cut -d' ' -f2 $<)"\"" > $@
+
+softhsm2_intermediate_one: softhsm2_intermediate_one.conf
+	mkdir $@
+	SOFTHSM2_CONF=./$< $(SOFTHSM2_UTIL) --init-token  --label "SSSD Test intermediate CA Token" --pin 123456 --so-pin 123456 --free
+	GNUTLS_PIN=123456 SOFTHSM2_CONF=./$< $(P11TOOL) --provider=$(SOFTHSM2_PATH) --write --no-mark-private --load-certificate=SSSD_test_intermediate_CA_cert_x509_0001.pem --login  --label 'SSSD test intermediate cert 0001' --id '190E513C9A3DFAACDE5D2D0592F0FDFF559C10CB'
+	GNUTLS_PIN=123456 SOFTHSM2_CONF=./$< $(P11TOOL) --provider=$(SOFTHSM2_PATH) --write --load-privkey=$(srcdir)/SSSD_test_intermediate_CA_cert_key_0001.pem --login  --label 'SSSD test intermediate cert 0001' --id '190E513C9A3DFAACDE5D2D0592F0FDFF559C10CB'
+
+softhsm2_intermediate_one.conf:
+	@echo "directories.tokendir = "$(abs_top_builddir)"/src/tests/test_CA/intermediate_CA/softhsm2_intermediate_one" > $@
+	@echo "objectstore.backend = file" >> $@
+	@echo "slots.removable = true" >> $@
+
+clean-local:
+	rm -rf newcerts
+	rm -rf softhsm*
+	rm -rf serial*
+
+serial:
+	mkdir -p newcerts
+	touch index.txt
+	touch index.txt.attr
+	echo -n 01 > serial
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA.config b/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA.config
new file mode 100644
index 0000000..38033fc
--- /dev/null
+++ b/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA.config
@@ -0,0 +1,53 @@
+[ ca ]
+default_ca = CA_default
+
+[ CA_default ]
+dir              = .
+database         = $dir/index.txt
+new_certs_dir    = $dir/newcerts
+
+certificate      = $dir/SSSD_test_intermediate_CA.pem
+serial           = $dir/serial
+private_key      = $dir/SSSD_test_intermediate_CA_key.pem
+RANDFILE         = $dir/rand
+
+default_days     = 365
+default_crl_days = 30
+default_md       = sha256
+
+policy           = policy_any
+email_in_dn      = no
+
+name_opt         = ca_default
+cert_opt         = ca_default
+copy_extensions  = copy
+
+[ usr_cert ]
+authorityKeyIdentifier = keyid, issuer
+
+[ v3_ca ]
+subjectKeyIdentifier   = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+basicConstraints       = CA:true
+keyUsage               = critical, digitalSignature, cRLSign, keyCertSign
+
+[ v3_intermediate_ca ]
+subjectKeyIdentifier   = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+basicConstraints       = CA:true
+keyUsage               = critical, digitalSignature, cRLSign, keyCertSign
+
+[ policy_any ]
+organizationName       = supplied
+organizationalUnitName = supplied
+commonName             = supplied
+emailAddress           = optional
+
+[ req ]
+distinguished_name = req_distinguished_name
+prompt             = no
+
+[ req_distinguished_name ]
+O  = SSSD
+OU = SSSD test
+CN = SSSD test intermediate CA
diff --git a/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_cert_0001.config b/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_cert_0001.config
new file mode 100644
index 0000000..5797839
--- /dev/null
+++ b/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_cert_0001.config
@@ -0,0 +1,20 @@
+# This certificate is used in
+# - src/tests/cmocka/test_cert_utils.c
+# - src/tests/cmocka/test_pam_srv.c
+[ req ]
+distinguished_name = req_distinguished_name
+prompt = no
+
+[ req_distinguished_name ]
+O = SSSD
+OU = SSSD test intermediate CA
+CN = SSSD test intermediate cert 0001
+
+[ req_exts ]
+basicConstraints = CA:FALSE
+nsCertType = client, email
+nsComment = "SSSD test intermediate CA trusted Certificate"
+subjectKeyIdentifier = hash
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
+extendedKeyUsage = clientAuth, emailProtection
+subjectAltName = email:sssd-devel@lists.fedorahosted.org,URI:https://github.com/SSSD/sssd/
diff --git a/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_cert_key_0001.pem b/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_cert_key_0001.pem
new file mode 100644
index 0000000..ca8a5a0
--- /dev/null
+++ b/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_cert_key_0001.pem
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQCtx1CfGEY/kbwb
+3Nx7h8WKSH1AHby3KXn+64p+sSrf1J2naIFKdA6Wdu7k1GX2UTbIo0rQ8WTbyEtD
+SvENE34/qCTn4eCn6YcHAF1OBOa3jctrYCgpxdbKT1/ZlcquWMY9zYxANlfRAgPo
+qcgKIjcG9MSX2RWqXp9PmvzSDyknkzWX3QfFJd39EwXuqE0fecw3PpnCi0p87Lyg
+WlUO3dGeW9PcFsfC8tl6bb1InxX+83s/+NTDAxvJXiInPlpamtvoNqcWfFrW9YgG
+mSemEt5uzeKJd7nBE2UaqFwtn53SLrV600Es1PNgm/PQ5saW7Cm7STYUr92WpQov
+Sf65Q34aVTnaPpkN5bguEG+ZeqZLMmNb/DDpq5DuTgxqe13fvOr/PiIsB3oWwpGn
+BDM77ajFXpT7by1D48cQbxGVAgWFeh18tbZra8sEsgtyT4wleh5rnKYLFZdbjgz5
+MFGgHcV5g94ZNF5JhdsUJwqaGuHxs4pEVaT13mLTDLf4pe9BCa+6faKcnaKCWmxV
+22d2sgjEu0Y0kgZjSAI4qyGXGwAIVw0WLX8oaSyvGfr4F/speVAzaDmx1n2P3yBy
+Ke7L/w1fMq97fRgtvb21qACI5w/2+AO5FOqo2iCY0EwEvY3RHtt/fG7vVfGIHyED
+XeXI6POOZxl5Ar4ipXr4tz2gZfEY9wIDAQABAoICACs6rNyW3krMBx5rR9HXCZYH
+yFidzSdHQxjeITq4+fBqZLmTbq5Fxqc5eN4l1CN9OoKY1HC7zBo8bjSUPPjCw6I0
+QtIIR6mdl0Bvn8Zbw8Ufmd3hMryJgZAcRLzM3XmXjeEr89q5agkNVkmXirKypjut
+wgYAM7qJBVp5NLFQoi09GpTnoBoz/FALXmtrJJxS4TFQ+lEB84q2HYpKTmR/W7jo
+IQDcDd96KA2jpPWe1YrxqNRWIx9L86qZJyfaBAIMCe5vQgt+7d4RgEAb81gF051+
+y/7kcKoOGBWUkjGrRkhV5EFksg7j/pMm2HU8I2TB5PO5F6H3ycjCz5DJ+Hq/xmt/
+meBLHYQi8vLUR9bQHAYxiSbujabQymW37OOwuQG/j1kULafthIEOaq9ImKPWWNWG
+ZhjHOFFVKfLyBVNnOSv/tJq4d7eCexAyFFmneO5ZFAMeELl6l7WDtAONV9JM8kw1
+GLvoJ0wZ6IDNk5bprFKseTxFXmkMLnHr6NcErxBvrnjfEXQzwROFjhsXYlVBiSJX
+UyTus+dqJ0ferHhAFgEZXqUeoO47lQarKNkJmSxDmr6WJngX3+j76nhD6wyzXkyH
+s9sudDDwdIhlTk/lGMw/3tLnbip/pXY13tAGxMNL9O40LkUQde0NEG4N5ruOHta1
+u9QlyjDqYQ4T/iHicSkBAoIBAQDWgTK4e/9lLnKVdtntZACqPaHw7EcMJ6hNh2VB
+yCbvsOsMXyfLjLK+unJ23Y10iH8gRWRtqXSUIBjnuItvJDEbqOLGKEPN9dKI1o8C
+Jmxfoe2KlmUSKU5Y1iGDd4GM1wwTqsrZg3ABo1SzEOp6UL8R7UtyLLW/xlwz6dZx
+w9MKiG+N3s6cSI+spHeGWwfnNbnMG15p/0s4NYG/Nek0Z8AbyD7l3oCddO65UQPL
+o6DWEwUj+BHR5VzI/6aNfIrL4+1H7Y/YIaAQsmglVLkBhlYDa3o3W96C7/d/lzTs
+hjZzBNQZ9Ics2hEmv+bgs+/ZMe5ACL6Guu6fM60I7NrOEu93AoIBAQDPZUJmKWEX
+NBP2CdTMWsxWMR6XtAokqRCzxXRPuvYMeb421oB4eEmCnK+wDe3tfNvu1IKGU4P6
+Yeu0gRqWN0A5c1qnLMx9tkBKhN2W4GEPBIl4LYWlMgjSAy1Dv5puoJ5YhZJ1f8E0
+oJlPYc1xQF7yg7n1aDosuFm6iMa2R8Vixb1CSvP4kbgpMY2AyhhF2S8zOwmhydoV
+IK0Xqa6tWtGzwlwuvPQqUnMqMvTnUtc/nxFkIb6yC7XYUL+TqeEf5Q/GiooEKYyl
+J220D30/THYnwLL3e1H7nOLmYied06SlldizYulxy4TN7XWktLTahKuvXxYhh1Rt
+AW1s1Q2AlIKBAoIBAQCicZ9WpNjp6D3wQNyS8ZurURd1m4nGg7XqWLHvGkOaW5H1
+gY5ikP/AfvQ2XlxEtyYG62Y9wgm+L3yM52340iC6gLCUPmPy8snoxQvyJeUGm1uI
+C5MpKMzja+5fYD5kyWqk7j/Gb8qAAxAet53K2aGJUvpC0ecl/3NOATVcXF9TZ7WL
+bANtyWm85aR6xC99AmvdTZC3lxWA0MycYJhmDngm0gQIEvO1ypsLDnZgXl9sH2VS
+MwhTu24D7c9U8M8vz0GfqiG4HObaHjHOq5WbuP8kgd1BVTpyUIZPQtRalt1fR3XU
+3iEMb2xzuvp+iuYFxtFV/wlCgQg62midDLo7O43LAoIBAQCMSbeXeYgWdQDHnjDW
+ptivuPwzq/Jsh/wnTnp18Ea9e6CCYah3VQ6MjkZ9NX7q9Vmj/RXpnRaaSKBy8h20
+3NzRv8jjandM1fo5LhTiGRcuXGhM5aYQb37t6H425KWnDXju8jN2zZs4aSYrP0ID
+yIIxU493hDBNzcnMVvbrmDLZtF5oOGE9k/xZyQ4pvwqaPOYjplzGls6xGfBcIEhr
+NRLCoMdQSjpzYmBKfDuTOkMl4wiVjgn7T9aK41wjm3cP5xc7urzPQffEQ55+fTfA
+mI0YKM4mf8GeDKqjImQf62jlJS53cYHtmrhTv7ujVSU85x9nOk+zEGK4dY26X4eJ
+oWuBAoIBAQCW73dNVoFlf0uY+ffXqYvneY6NTURuCJHNdmzvoh70tqrFCmAQ2s5X
+KgJdpan4fRxfM9Y+HucIK5qhl/qdIA58QlxZV8qNMSbIH6fQbCzugKWp6WAOddof
+JDg0k6Aq3RUlveRW0AS+DKcCRHfOXJuJlkqhL72EjEkMDG7/HvfKKGbp5FAjEaYZ
+Te6O7qNQouM2aVcH+F2jQyo3OxouSWPFnSDH8mTwQWkQ7zzYFSPr4ZxohZRi1bRg
+pWDoCTeYqJCrK50dK3MVFz2+3PNiB+I04gGPmWhrOlhQa/jhHOOh5xIiscgLSGav
+R3E0tlcatxgHoASu3vVk7OwL0QhTuEXz
+-----END PRIVATE KEY-----
diff --git a/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_key.pem b/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_key.pem
new file mode 100644
index 0000000..a6a9b67
--- /dev/null
+++ b/src/tests/test_CA/intermediate_CA/SSSD_test_intermediate_CA_key.pem
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQDKRmBGEP/6Dq6e
+Z8QwwgUzO/CS89qjYgpAniDTbLleLAKeUAZxncBIt542SHnPOP+qHwke2/vCCE5v
+Guuhs4qn9giBqP7KZ+VsNj9HM+6IewCkg2/QgC/O5hYeTyU41wZcslG2SCzlNy90
+0n280tyIUAlyNHglNDyF7Cf6A4QgNvi6Vi8i2ipFrkN+yOgZHizl7GCNO33F7SSn
+CWk93eoqUcBdsl9zNyP3kCYM1LQcIAzS2/b11Ai/eWi5FIqGJasMxHfPQ0Vdw9LG
+2yTeKR8Ej/onz9Y56O6xEmGUqJ2Wd9k4Jtkq0HZ+T/aXufYVt40kCfnCJ6SzHbY5
+D7R+nvzu8GH4ZJV6CwgrO/lTIZhcCWxZoaJjuMrAHBX2wv946NC+JahyCTjxAuVV
+itM4O9LOXMHkfYheVcXZbNZscVPB8pV0ZyjuoQsXHUSeY++lAra4XTsFBzjpXkfM
+ev5wDoO2P7VCzkGjx96oOoDaJnvrtLOBK1eW0lAZDa4uQ18FrnaR+4p7T+piiOGS
+xxhV5jgYDyjILZ4VlVdFow5BaGehpcirgZN7635fkYeLob5swswULIGBKoEqyhO7
+hLH2JTWKrEgkzB2B4ATNG3dQNMCzIgS6LdangCkXfpxJD/kTRqDZssKY4Gkb+7CR
+4iRibSoTopUn7zkBZrBnlcrRZQtkjQIDAQABAoICAH4xBaLwvCGOw1XDutwITyI1
+hNLJG1/OrEK/5A7Cx6p+nmuR1VNQbUNwel23PXcQQkAp+JCuARR+BiC+lL5eumQq
+1AfAHKS9yJ2IAlYzid7PjgkUjs9vCWR0mtvx2HDrhOaTwPKNeKTPluW05AjHLBpG
+hH4hScs8GX4bZJ1PUECgyu/FEMcXgEPUgfs478Or1arjmyDBOqgeWD11W5jjN1GL
+iw1pWK8SeXfbEEH0+SCKxjVOUXXwAD0kSzccH4etPFdMwsolV8M1hevVj9yhnt5D
+zHbF7QpXzYHey83om9fhkTy8z8MsJqCK1na151aJGp6fMpf0D4ZHRQW4TIyqN3Tl
+TdYB5Ss82GbwrK/a2+wWeMZJR7rIuguw1ptQ7VkfHA69kVzy0Q/gATZcQh8wm8KW
+kfLMGxDW2WzAKw19as+TdY+r/d1g8ls+gtpWsbBLO7zcs+Ufvl9Lwbwju/qdifM9
+OYeUbS/wP7teU5QzH9cjKCyZw8VH3eOkj8xa8fJW2eL/IgXqwAaP3x2d3fEfD/QY
+iCqe0RHd1stN4MjsyIgaz+fYeJ3hgqVA19AEV+/nTDRnCb8TGAsK9cb0hAIOl6pg
+VsGUyKMGKHot1qfpd+GbwqNMg14kcfnHKAeEmqvpIH9EjhP5RIm7MrNKbgoegmZK
+lf92fn3xneyhsgqWNdOBAoIBAQDxI/0kgTSLbJ5XhIVc5h6RKIDSFs0Hqys8v9xI
+kf3/qdYHsleTDRzIS8FdOjRzxic3B52qjchBD6P926TYclwpejwX/YnopkZcRcyq
+22hkkCaT0lqKBR88gpt257uC5pHxpKVD1FQMTRhMYGaWsuqpH5vJBiMcHH0ocEaM
+S7t+jdzqjHRjuU5aWsJTbOsULHoXumFFPMXIt+rNl991WoyZoyuTrrLWzKQeDKVM
+IpqY9W+q9NOlJRGQ9v8/ojBc09SS5ITh+LAAwKeOdMczcR1bDG4rvu9IGn0mLuML
+U6QZR8jYFcv1kHfznClgK2P11TQfglj5BiZxVUrnja93/8QdAoIBAQDWvUc6DGZy
+Bdf/EbV9ZNG/acXwVFNuFaYCpfWQgDnnJ0u8ooYuGnsZRTlhQCH01j9FJ/QpdgDZ
+bZFG6I+34nSvkMmst2Z7HBhqWcpwCM9aI90uxlYWvs8qSq7r+CkPEqMAYdtthR1b
+kn3Fopu3ocThWxHjzL5C3GRXoICmN89sQQ4rxZS8iyIh8YKeGVjhvfT+59bUK6kX
+qpsCEUUZmWFQeEhdMR8F1tHIOf1WZdwC0Tjg+8cf2113Ea2xDPn5KLb8/keSBVBo
+hGxW2CXM1HGAXaX9ESDr+zqgvyeNJEKcQhwBWVV32QkEAdWI/U+VkgdQtKaJHUat
+Ztgb7soKZVcxAoIBAD6M/1VAzsh73HcHQTDf4H3267OThou+svCHNDT+6cwv2f0V
+HfJfLGAohngQaRq/A90adKORM6jszbVEDHa4838u3fe7JNLcjtPQp06Kq4GqgtdF
+cYbr3TZtCrbFVbaW6LSt6NC3ezXVqb/mIbZloslMEbULin/4Q98BgMtTuccSNYQB
++w8DOnfloxLQ5gnNn74X8rNrGEMAsj+ybZybaG1SDjO41Vsyqj/BN/+P2lpjEBxg
+daYY/32DFKMFB1aM/E8+R9n2EHGhh9VEJYgKh3retpVSae9iL6R/9RUzFRYZsNec
+j9ObLgJbN8BigQN70pF51mqCVeaAIXX/Is0V42ECggEATMSL4xetxBOMvVYSYMqb
+JWfl6F3tGYzJtWapHEiK6rUkoUIk3/R9j3Is6jRoL0QsiEeZRP03noNKDWR0hJOD
+jYQgZQuHqnlHzTVeZqDvp9TsbJ1hB26dVwwt7pPf8dCCz08sh8Gv1h3PssjIDGTb
+oojRI3P9jJ+Hi8AIXePT1mqHa2SOIL1IrYPOY0DCgqlLHZm6Nk2JfLl0AtAzuMwZ
+exAVJqO56Hd8taztgWaWubccM2ovLJdamYeLZaEy+Dzy9gzdfzlBHqxAoudQ1CIa
+lX5lKcxmzZYZxn+v3whYe84yftT19gtz6qfRM9EDE4CJ9vMuGhSKQNFkbs/2ELNb
+8QKCAQAaIj5z/jNaan5VfaffBR86WQS1LRP+Ckn/WSDKZNlfCO++JTXRK4dFm0HH
+grFkyWpW+sui2aUvAoK0Ddk7fNyAhf29qslMC5VxLAlJ4sd/VVFTaBnyDOF2NCZS
+HXn3q3pgvf+TnYXpfdt8Q0rY4WnGfZO1fSX5HTc1dhknTiV6jGXXqt3z5MWT8+VZ
+fAcWcfQ9NYbqhi3gs4YGKkx7JVQN0dyl+W4+JNLFl0TPYA2tlk6cIkzr0qReWhdj
+5rUEur44TMONsEE6taetuRSVsl6iwNYfUrOYIXZuxrlVAFKC13Jqb6a8BH70z8N0
+91Ewk/mDtQkg086y4gCQIcaL04jE
+-----END PRIVATE KEY-----
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 05:31:45 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 05:31:45 +0000
commit	74aa0bc6779af38018a03fd2cf4419fe85917904 (patch)
tree	9cb0681aac9a94a49c153d5823e7a55d1513d91f /src/tests/test_CA/intermediate_CA
parent	Initial commit. (diff)
download	sssd-74aa0bc6779af38018a03fd2cf4419fe85917904.tar.xz sssd-74aa0bc6779af38018a03fd2cf4419fe85917904.zip