diff -Nru golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/changelog golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/changelog --- golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/changelog 2016-11-04 01:39:48.000000000 +0000 +++ golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/changelog 2017-04-14 02:27:22.000000000 +0000 @@ -1,3 +1,13 @@ +golang-github-cloudflare-cfssl (1.2.0+git20160825.89.7fb22c8-2) unstable; urgency=medium + + * Ignore binary-without-manpage Lintian message. + * Rename "mkbundle" binary to "cfssl-mkbundle" to avoid name clash + with mon-devel package. (Closes: #855509) + * Fix more test failures due to Debian build directory. + * Don't bundle test binaries maclient and maserver. + + -- Tim Potter Fri, 14 Apr 2017 12:27:22 +1000 + golang-github-cloudflare-cfssl (1.2.0+git20160825.89.7fb22c8-1) unstable; urgency=medium * Initial release (Closes: #854526) diff -Nru golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/control golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/control --- golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/control 2016-11-04 01:39:48.000000000 +0000 +++ golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/control 2017-04-13 23:22:17.000000000 +0000 @@ -5,6 +5,7 @@ Uploaders: Tim Potter Build-Depends: debhelper (>= 9), dh-golang, + dh-exec, golang-github-cloudflare-go-metrics-dev, golang-github-cloudflare-redoctober-dev, golang-github-geertjohan-go.rice-dev, @@ -58,4 +59,4 @@ well as create and manipulate traditional certificate structures using code or on the command line. . - This package contains the command line executables. \ No newline at end of file + This package contains the command line executables. diff -Nru golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/golang-cfssl.install golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/golang-cfssl.install --- golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/golang-cfssl.install 2016-11-04 01:39:48.000000000 +0000 +++ golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/golang-cfssl.install 2017-04-14 02:25:56.000000000 +0000 @@ -1 +1,9 @@ -usr/bin \ No newline at end of file +#!/usr/bin/dh-exec +usr/bin/cfssl +usr/bin/cfssl-bundle +usr/bin/cfssl-certinfo +usr/bin/cfssl-newkey +usr/bin/cfssl-scan +usr/bin/cfssljson +usr/bin/mkbundle => usr/bin/cfssl-mkbundle +usr/bin/multirootca diff -Nru golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/golang-cfssl.lintian-overrides golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/golang-cfssl.lintian-overrides --- golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/golang-cfssl.lintian-overrides 1970-01-01 00:00:00.000000000 +0000 +++ golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/golang-cfssl.lintian-overrides 2017-04-13 23:15:57.000000000 +0000 @@ -0,0 +1 @@ +golang-cfssl: binary-without-manpage diff -Nru golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/patches/test-fixture-locations.patch golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/patches/test-fixture-locations.patch --- golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/patches/test-fixture-locations.patch 2016-11-04 01:39:48.000000000 +0000 +++ golang-github-cloudflare-cfssl-1.2.0+git20160825.89.7fb22c8/debian/patches/test-fixture-locations.patch 2017-04-14 02:13:50.000000000 +0000 @@ -78,3 +78,631 @@ ) func TestNewCRLFromFile(t *testing.T) { +Index: golang-github-cloudflare-cfssl/api/generator/generator_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/api/generator/generator_test.go ++++ golang-github-cloudflare-cfssl/api/generator/generator_test.go +@@ -14,8 +14,8 @@ import ( + ) + + const ( +- testCaFile = "testdata/ca.pem" +- testCaKeyFile = "testdata/ca_key.pem" ++ testCaFile = "../../../../../../../api/generator/testdata/ca.pem" ++ testCaKeyFile = "../../../../../../../api/generator/testdata/ca_key.pem" + ) + + func csrData(t *testing.T) *bytes.Reader { +Index: golang-github-cloudflare-cfssl/api/sign/sign_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/api/sign/sign_test.go ++++ golang-github-cloudflare-cfssl/api/sign/sign_test.go +@@ -16,11 +16,11 @@ import ( + ) + + const ( +- testCaFile = "../testdata/ca.pem" +- testCaKeyFile = "../testdata/ca_key.pem" +- testCSRFile = "../testdata/csr.pem" +- testBrokenCertFile = "../testdata/broken.pem" +- testBrokenCSRFile = "../testdata/broken_csr.pem" ++ testCaFile = "../../../../../../../api/testdata/ca.pem" ++ testCaKeyFile = "../../../../../../../api/testdata/ca_key.pem" ++ testCSRFile = "../../../../../../../api/testdata/csr.pem" ++ testBrokenCertFile = "../../../../../../../api/testdata/broken.pem" ++ testBrokenCSRFile = "../../../../../../../api/testdata/broken_csr.pem" + ) + + var validLocalConfig = ` +Index: golang-github-cloudflare-cfssl/cli/sign/sign_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/cli/sign/sign_test.go ++++ golang-github-cloudflare-cfssl/cli/sign/sign_test.go +@@ -9,28 +9,28 @@ import ( + ) + + func TestSignFromConfig(t *testing.T) { +- _, err := SignerFromConfig(cli.Config{CAFile: "../../testdata/server.crt", +- CAKeyFile: "../../testdata/server.key", Hostname: "www.cloudflare.com", Remote: "127.0.0.1:8888"}) ++ _, err := SignerFromConfig(cli.Config{CAFile: "../../../../../../../cli/testdata/server.crt", ++ CAKeyFile: "../../../../../../../cli/testdata/server.key", Hostname: "www.cloudflare.com", Remote: "127.0.0.1:8888"}) + if err != nil { + t.Fatal(err) + } + } + + func TestSignerMain(t *testing.T) { +- err := signerMain([]string{"../../testdata/server.csr"}, cli.Config{CAFile: "../../testdata/server.crt", +- CAKeyFile: "../../testdata/server.key", Hostname: "www.cloudflare.com"}) ++ err := signerMain([]string{"../../../../../../../cli/testdata/server.csr"}, cli.Config{CAFile: "../../testdata/server.crt", ++ CAKeyFile: "../../../../../../../cli/testdata/server.key", Hostname: "www.cloudflare.com"}) + if err != nil { + t.Fatal(err) + } + } + + func TestBadSigner(t *testing.T) { +- err := signerMain([]string{"../../testdata/server.csr"}, cli.Config{CAFile: "", CAKeyFile: ""}) ++ err := signerMain([]string{"../../../../../../../cli/testdata/server.csr"}, cli.Config{CAFile: "", CAKeyFile: ""}) + if err != nil { + t.Fatal(err) + } +- err = signerMain([]string{"../../testdata/server.csr"}, +- cli.Config{CAFile: "../../testdata/server.crt", CAKeyFile: ""}) ++ err = signerMain([]string{"../../../../../../../cli/testdata/server.csr"}, ++ cli.Config{CAFile: "../../../../../../../cli/testdata/server.crt", CAKeyFile: ""}) + if err != nil { + t.Fatal(err) + } +@@ -38,10 +38,10 @@ func TestBadSigner(t *testing.T) { + + func TestSignerWithDB(t *testing.T) { + db := testdb.SQLiteDB("../../certdb/testdb/certstore_development.db") +- err := signerMain([]string{"../../testdata/server.csr"}, ++ err := signerMain([]string{"../../../../../../../cli/testdata/server.csr"}, + cli.Config{ +- CAFile: "../../testdata/server.crt", +- CAKeyFile: "../../testdata/server.key", ++ CAFile: "../../../../../../../cli/testdata/server.crt", ++ CAKeyFile: "../../../../../../../cli/testdata/server.key", + Hostname: "www.cloudflare.com", + DBConfigFile: "../testdata/db-config.json"}) + if err != nil { +Index: golang-github-cloudflare-cfssl/api/info/info_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/api/info/info_test.go ++++ golang-github-cloudflare-cfssl/api/info/info_test.go +@@ -14,12 +14,12 @@ import ( + ) + + const ( +- testCaFile = "../testdata/ca.pem" +- testCaKeyFile = "../testdata/ca_key.pem" ++ testCaFile = "../../../../../../../api/testdata/ca.pem" ++ testCaKeyFile = "../../../../../../../api/testdata/ca_key.pem" + + // second test CA for multiroot +- testCaFile2 = "../testdata/ca2.pem" +- testCaKeyFile2 = "../testdata/ca2-key.pem" ++ testCaFile2 = "../../../../../../../api/testdata/ca2.pem" ++ testCaKeyFile2 = "../../../../../../../api/testdata/ca2-key.pem" + ) + + // Generally, the single root function and its multiroot analogue will +Index: golang-github-cloudflare-cfssl/api/signhandler/signhandler_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/api/signhandler/signhandler_test.go ++++ golang-github-cloudflare-cfssl/api/signhandler/signhandler_test.go +@@ -18,9 +18,9 @@ import ( + ) + + const ( +- testCaFile = "../testdata/ca.pem" +- testCaKeyFile = "../testdata/ca_key.pem" +- testCSRFile = "../testdata/csr.pem" ++ testCaFile = "../../../../../../../api/testdata/ca.pem" ++ testCaKeyFile = "../../../../../../../api/testdata/ca_key.pem" ++ testCSRFile = "../../../../../../../api/testdata/csr.pem" + ) + + // GetUnexpiredCertificates sometimes doesn't return a certificate with an +Index: golang-github-cloudflare-cfssl/auth/auth_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/auth/auth_test.go ++++ golang-github-cloudflare-cfssl/auth/auth_test.go +@@ -107,7 +107,7 @@ func TestNullRequest(t *testing.T) { + + // Sanity check: verify a pre-generated authenticated request. + func TestPreGenerated(t *testing.T) { +- in, err := ioutil.ReadFile("testdata/authrequest.json") ++ in, err := ioutil.ReadFile("../../../../../../auth/testdata/authrequest.json") + if err != nil { + t.Fatalf("%v", err) + } +@@ -126,7 +126,7 @@ func TestPreGenerated(t *testing.T) { + var bmRequest []byte + + func TestLoadBenchmarkRequest(t *testing.T) { +- in, err := ioutil.ReadFile("testdata/request.json") ++ in, err := ioutil.ReadFile("../../../../../../auth/testdata/request.json") + if err != nil { + t.Fatalf("%v", err) + } +Index: golang-github-cloudflare-cfssl/ocsp/ocsp_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/ocsp/ocsp_test.go ++++ golang-github-cloudflare-cfssl/ocsp/ocsp_test.go +@@ -10,13 +10,13 @@ import ( + ) + + const ( +- serverCertFile = "testdata/ca.pem" +- serverKeyFile = "testdata/ca-key.pem" +- otherCertFile = "testdata/cert.pem" +- brokenServerCert = "testdata/server_broken.crt" +- brokenServerKey = "testdata/server_broken.key" +- wrongServerCertFile = "testdata/server.crt" +- wrongServerKeyFile = "testdata/server.key" ++ serverCertFile = "../../../../../../ocsp/testdata/ca.pem" ++ serverKeyFile = "../../../../../../ocsp/testdata/ca-key.pem" ++ otherCertFile = "../../../../../../ocsp/testdata/cert.pem" ++ brokenServerCert = "../../../../../../ocsp/testdata/server_broken.crt" ++ brokenServerKey = "../../../../../../ocsp/testdata/server_broken.key" ++ wrongServerCertFile = "../../../../../../ocsp/testdata/server.crt" ++ wrongServerKeyFile = "../../../../../../ocsp/testdata/server.key" + ) + + func TestNewSignerFromFile(t *testing.T) { +Index: golang-github-cloudflare-cfssl/bundler/bundler_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/bundler/bundler_test.go ++++ golang-github-cloudflare-cfssl/bundler/bundler_test.go +@@ -19,19 +19,19 @@ import ( + ) + + const ( +- testCaBundle = "testdata/ca-bundle.pem" +- testIntCaBundle = "testdata/int-bundle.pem" +- testNSSRootBundle = "testdata/nss.pem" +- testMetadata = "testdata/ca-bundle.crt.metadata" +- testCFSSLRootBundle = "testdata/ca.pem" +- testCAFile = "testdata/ca.pem" +- testCAKeyFile = "testdata/ca.key" +- testCFSSLIntBundle = "testdata/intermediates.crt" +- emptyPEM = "testdata/empty.pem" +- interL1SHA1 = "testdata/inter-L1-sha1.pem" +- interL1Key = "testdata/inter-L1.key" +- interL2SHA2 = "testdata/inter-L2.pem" +- interL2Key = "testdata/inter-L2.key" ++ testCaBundle = "../../../../../../bundler/testdata/ca-bundle.pem" ++ testIntCaBundle = "../../../../../../bundler/testdata/int-bundle.pem" ++ testNSSRootBundle = "../../../../../../bundler/testdata/nss.pem" ++ testMetadata = "../../../../../../bundler/testdata/ca-bundle.crt.metadata" ++ testCFSSLRootBundle = "../../../../../../bundler/testdata/ca.pem" ++ testCAFile = "../../../../../../bundler/testdata/ca.pem" ++ testCAKeyFile = "../../../../../../bundler/testdata/ca.key" ++ testCFSSLIntBundle = "../../../../../../bundler/testdata/intermediates.crt" ++ emptyPEM = "../../../../../../bundler/testdata/empty.pem" ++ interL1SHA1 = "../../../../../../bundler/testdata/inter-L1-sha1.pem" ++ interL1Key = "../../../../../../bundler/testdata/inter-L1.key" ++ interL2SHA2 = "../../../../../../bundler/testdata/inter-L2.pem" ++ interL2Key = "../../../../../../bundler/testdata/inter-L2.key" + ) + + // Simply create a bundler +@@ -40,7 +40,7 @@ func TestNewBundler(t *testing.T) { + } + + func TestNewBundlerMissingCA(t *testing.T) { +- badFile := "testdata/no_such_file.pem" ++ badFile := "../../../../../../bundler/testdata/no_such_file.pem" + _, err := NewBundler(badFile, testIntCaBundle) + if err == nil { + t.Fatal("Should fail with error code 4001") +@@ -52,7 +52,7 @@ func TestNewBundlerMissingCA(t *testing. + } + + func TestNewBundlerMissingIntermediate(t *testing.T) { +- badFile := "testdata/no_such_file.pem" ++ badFile := "../../../../../../bundler/testdata/no_such_file.pem" + _, err := NewBundler(testCaBundle, badFile) + if err == nil { + t.Fatal("Should fail with error code 3001") +Index: golang-github-cloudflare-cfssl/bundler/bundle_from_file_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/bundler/bundle_from_file_test.go ++++ golang-github-cloudflare-cfssl/bundler/bundle_from_file_test.go +@@ -50,31 +50,31 @@ Using inter-L2-direct as additional inte + bundle chain. + */ + const ( +- leafECDSA256 = "testdata/cfssl-leaf-ecdsa256.pem" +- leafECDSA384 = "testdata/cfssl-leaf-ecdsa384.pem" +- leafECDSA521 = "testdata/cfssl-leaf-ecdsa521.pem" +- leafRSA2048 = "testdata/cfssl-leaf-rsa2048.pem" +- leafRSA3072 = "testdata/cfssl-leaf-rsa3072.pem" +- leafRSA4096 = "testdata/cfssl-leaf-rsa4096.pem" +- leafKeyECDSA256 = "testdata/cfssl-leaf-ecdsa256.key" +- leafKeyECDSA384 = "testdata/cfssl-leaf-ecdsa384.key" +- leafKeyECDSA521 = "testdata/cfssl-leaf-ecdsa521.key" +- leafKeyRSA2048 = "testdata/cfssl-leaf-rsa2048.key" +- leafKeyRSA3072 = "testdata/cfssl-leaf-rsa3072.key" +- leafKeyRSA4096 = "testdata/cfssl-leaf-rsa4096.key" +- leafletRSA4096 = "testdata/cfssl-leaflet-rsa4096.pem" +- interL1 = "testdata/inter-L1.pem" +- interL1Expired = "testdata/inter-L1-expired.pem" +- interL1CSR = "testdata/inter-L1.csr" +- interL2 = "testdata/inter-L2.pem" ++ leafECDSA256 = "../../../../../../bundler/testdata/cfssl-leaf-ecdsa256.pem" ++ leafECDSA384 = "../../../../../../bundler/testdata/cfssl-leaf-ecdsa384.pem" ++ leafECDSA521 = "../../../../../../bundler/testdata/cfssl-leaf-ecdsa521.pem" ++ leafRSA2048 = "../../../../../../bundler/testdata/cfssl-leaf-rsa2048.pem" ++ leafRSA3072 = "../../../../../../bundler/testdata/cfssl-leaf-rsa3072.pem" ++ leafRSA4096 = "../../../../../../bundler/testdata/cfssl-leaf-rsa4096.pem" ++ leafKeyECDSA256 = "../../../../../../bundler/testdata/cfssl-leaf-ecdsa256.key" ++ leafKeyECDSA384 = "../../../../../../bundler/testdata/cfssl-leaf-ecdsa384.key" ++ leafKeyECDSA521 = "../../../../../../bundler/testdata/cfssl-leaf-ecdsa521.key" ++ leafKeyRSA2048 = "../../../../../../bundler/testdata/cfssl-leaf-rsa2048.key" ++ leafKeyRSA3072 = "../../../../../../bundler/testdata/cfssl-leaf-rsa3072.key" ++ leafKeyRSA4096 = "../../../../../../bundler/testdata/cfssl-leaf-rsa4096.key" ++ leafletRSA4096 = "../../../../../../bundler/testdata/cfssl-leaflet-rsa4096.pem" ++ interL1 = "../../../../../../bundler/testdata/inter-L1.pem" ++ interL1Expired = "../../../../../../bundler/testdata/inter-L1-expired.pem" ++ interL1CSR = "../../../../../../bundler/testdata/inter-L1.csr" ++ interL2 = "../../../../../../bundler/testdata/inter-L2.pem" + +- interL2Direct = "testdata/inter-L2-direct.pem" +- partialBundle = "testdata/partial-bundle.pem" // partialBundle is a partial cert chain {leaf-ecds256, inter-L2} +- rpBundle = "testdata/reverse-partial-bundle.pem" // partialBundle is a partial cert chain in the reverse order {inter-L2, leaf-ecdsa256} +- badBundle = "testdata/bad-bundle.pem" // badBundle is a non-verifying partial bundle {leaf-ecdsa256, leaf-ecdsa384} +- interL2CSR = "testdata/inter-L2.csr" +- certDSA2048 = "testdata/dsa2048.pem" +- keyDSA2048 = "testdata/dsa2048.key" ++ interL2Direct = "../../../../../../bundler/testdata/inter-L2-direct.pem" ++ partialBundle = "../../../../../../bundler/testdata/partial-bundle.pem" // partialBundle is a partial cert chain {leaf-ecds256, inter-L2} ++ rpBundle = "../../../../../../bundler/testdata/reverse-partial-bundle.pem" // partialBundle is a partial cert chain in the reverse order {inter-L2, leaf-ecdsa256} ++ badBundle = "../../../../../../bundler/testdata/bad-bundle.pem" // badBundle is a non-verifying partial bundle {leaf-ecdsa256, leaf-ecdsa384} ++ interL2CSR = "../../../../../../bundler/testdata/inter-L2.csr" ++ certDSA2048 = "../../../../../../bundler/testdata/dsa2048.pem" ++ keyDSA2048 = "../../../../../../bundler/testdata/dsa2048.key" + ) + + // BundleFromFile test cases. +Index: golang-github-cloudflare-cfssl/certdb/dbconf/db_config_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/certdb/dbconf/db_config_test.go ++++ golang-github-cloudflare-cfssl/certdb/dbconf/db_config_test.go +@@ -7,7 +7,7 @@ import ( + ) + + func TestLoadFile(t *testing.T) { +- config, err := LoadFile("testdata/db-config.json") ++ config, err := LoadFile("../../../../../../../certdb/dbconf/testdata/db-config.json") + if err != nil || config == nil { + t.Fatal("Failed to load test db-config file ", err) + } +@@ -19,12 +19,12 @@ func TestLoadFile(t *testing.T) { + } + + func TestDBFromConfig(t *testing.T) { +- db, err := DBFromConfig("testdata/db-config.json") ++ db, err := DBFromConfig("../../../../../../../certdb/dbconf/testdata/db-config.json") + if err != nil || db == nil { + t.Fatal("Failed to open db from test db-config file") + } + +- db, err = DBFromConfig("testdata/bad-db-config.json") ++ db, err = DBFromConfig("../../../../../../../certdb/dbconf/testdata/bad-db-config.json") + if err == nil || db != nil { + t.Fatal("Expected failure opening invalid db") + } +Index: golang-github-cloudflare-cfssl/signer/local/local_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/signer/local/local_test.go ++++ golang-github-cloudflare-cfssl/signer/local/local_test.go +@@ -26,13 +26,13 @@ import ( + ) + + const ( +- fullSubjectCSR = "testdata/test.csr" +- testCSR = "testdata/ecdsa256.csr" +- testSANCSR = "testdata/san_domain.csr" +- testCaFile = "testdata/ca.pem" +- testCaKeyFile = "testdata/ca_key.pem" +- testECDSACaFile = "testdata/ecdsa256_ca.pem" +- testECDSACaKeyFile = "testdata/ecdsa256_ca_key.pem" ++ fullSubjectCSR = "../../../../../../../signer/local/testdata/test.csr" ++ testCSR = "../../../../../../../signer/local/testdata/ecdsa256.csr" ++ testSANCSR = "../../../../../../../signer/local/testdata/san_domain.csr" ++ testCaFile = "../../../../../../../signer/local/testdata/ca.pem" ++ testCaKeyFile = "../../../../../../../signer/local/testdata/ca_key.pem" ++ testECDSACaFile = "../../../../../../../signer/local/testdata/ecdsa256_ca.pem" ++ testECDSACaKeyFile = "../../../../../../../signer/local/testdata/ecdsa256_ca_key.pem" + ) + + var expiry = 1 * time.Minute +@@ -133,12 +133,12 @@ func TestNewSignerFromFileEdgeCases(t *t + t.Fatal("Incorrect inputs failed to produce correct results") + } + +- res, err = NewSignerFromFile("../../helpers/testdata/messedupcert.pem", "local.go", nil) ++ res, err = NewSignerFromFile("../../../../../helpers/testdata/messedupcert.pem", "local.go", nil) + if res != nil && err == nil { + t.Fatal("Incorrect inputs failed to produce correct results") + } + +- res, err = NewSignerFromFile("../../helpers/testdata/cert.pem", "../../helpers/testdata/messed_up_priv_key.pem", nil) ++ res, err = NewSignerFromFile("../../../../../helpers/testdata/cert.pem", "../../../../../helpers/testdata/messed_up_priv_key.pem", nil) + if res != nil && err == nil { + t.Fatal("Incorrect inputs failed to produce correct results") + } +@@ -146,12 +146,12 @@ func TestNewSignerFromFileEdgeCases(t *t + + // test the private method + func testSign(t *testing.T) { +- signer, err := NewSignerFromFile("testdata/ca.pem", "testdata/ca_key.pem", nil) ++ signer, err := NewSignerFromFile("../../../../../../../signer/local/testdata/ca.pem", "../../../../../../../signer/local/testdata/ca_key.pem", nil) + if signer == nil || err != nil { + t.Fatal("Failed to produce signer") + } + +- pem, _ := ioutil.ReadFile("../../helpers/testdata/cert.pem") ++ pem, _ := ioutil.ReadFile("../../../../../../../helpers/testdata/cert.pem") + cert, _ := helpers.ParseCertificatePEM(pem) + + badcert := *cert +@@ -212,7 +212,7 @@ func testSign(t *testing.T) { + + func TestSign(t *testing.T) { + testSign(t) +- s, err := NewSignerFromFile("testdata/ca.pem", "testdata/ca_key.pem", nil) ++ s, err := NewSignerFromFile("../../../../../../../signer/local/testdata/ca.pem", "../../../../../../../signer/local/testdata/ca_key.pem", nil) + if err != nil { + t.Fatal("Failed to produce signer") + } +@@ -224,13 +224,13 @@ func TestSign(t *testing.T) { + } + + // not a csr +- certPem, err := ioutil.ReadFile("../../helpers/testdata/cert.pem") ++ certPem, err := ioutil.ReadFile("../../../../../helpers/testdata/cert.pem") + if err != nil { + t.Fatal(err) + } + + // csr with ip as hostname +- pem, err := ioutil.ReadFile("testdata/ip.csr") ++ pem, err := ioutil.ReadFile("../../../../../../../signer/local/testdata/ip.csr") + if err != nil { + t.Fatal(err) + } +@@ -248,7 +248,7 @@ func TestSign(t *testing.T) { + t.Fatal("A bad case failed to raise an error") + } + +- pem, err = ioutil.ReadFile("testdata/ex.csr") ++ pem, err = ioutil.ReadFile("../../../../../../../signer/local/testdata/ex.csr") + validReq = signer.SignRequest{ + Request: string(pem), + Hosts: []string{"example.com"}, +@@ -260,7 +260,7 @@ func TestSign(t *testing.T) { + } + + func TestCertificate(t *testing.T) { +- s, err := NewSignerFromFile("testdata/ca.pem", "testdata/ca_key.pem", nil) ++ s, err := NewSignerFromFile("../../../../../../../signer/local/testdata/ca.pem", "../../../../../../../signer/local/testdata/ca_key.pem", nil) + if err != nil { + t.Fatal(err) + } +@@ -272,7 +272,7 @@ func TestCertificate(t *testing.T) { + } + + func TestPolicy(t *testing.T) { +- s, err := NewSignerFromFile("testdata/ca.pem", "testdata/ca_key.pem", nil) ++ s, err := NewSignerFromFile("../../../../../../../signer/local/testdata/ca.pem", "../../../../../../../signer/local/testdata/ca_key.pem", nil) + if err != nil { + t.Fatal(err) + } +@@ -331,43 +331,43 @@ func ExpectError() func(*testing.T, erro + + var csrTests = []csrTest{ + { +- file: "testdata/rsa2048.csr", ++ file: "../../../../../../../signer/local/testdata/rsa2048.csr", + keyAlgo: "rsa", + keyLen: 2048, + errorCallback: nil, + }, + { +- file: "testdata/rsa3072.csr", ++ file: "../../../../../../../signer/local/testdata/rsa3072.csr", + keyAlgo: "rsa", + keyLen: 3072, + errorCallback: nil, + }, + { +- file: "testdata/rsa4096.csr", ++ file: "../../../../../../../signer/local/testdata/rsa4096.csr", + keyAlgo: "rsa", + keyLen: 4096, + errorCallback: nil, + }, + { +- file: "testdata/ecdsa256.csr", ++ file: "../../../../../../../signer/local/testdata/ecdsa256.csr", + keyAlgo: "ecdsa", + keyLen: 256, + errorCallback: nil, + }, + { +- file: "testdata/ecdsa384.csr", ++ file: "../../../../../../../signer/local/testdata/ecdsa384.csr", + keyAlgo: "ecdsa", + keyLen: 384, + errorCallback: nil, + }, + { +- file: "testdata/ecdsa521.csr", ++ file: "../../../../../../../signer/local/testdata/ecdsa521.csr", + keyAlgo: "ecdsa", + keyLen: 521, + errorCallback: nil, + }, + { +- file: "testdata/rsa-old.csr", ++ file: "../../../../../../../signer/local/testdata/rsa-old.csr", + keyAlgo: "rsa", + keyLen: 2048, + errorCallback: nil, +@@ -431,10 +431,10 @@ func TestECDSASigner(t *testing.T) { + } + + const ( +- ecdsaInterCSR = "testdata/ecdsa256-inter.csr" +- ecdsaInterKey = "testdata/ecdsa256-inter.key" +- rsaInterCSR = "testdata/rsa2048-inter.csr" +- rsaInterKey = "testdata/rsa2048-inter.key" ++ ecdsaInterCSR = "../../../../../../../signer/local/testdata/ecdsa256-inter.csr" ++ ecdsaInterKey = "../../../../../../../signer/local/testdata/ecdsa256-inter.key" ++ rsaInterCSR = "../../../../../../../signer/local/testdata/rsa2048-inter.csr" ++ rsaInterKey = "../../../../../../../signer/local/testdata/rsa2048-inter.key" + ) + + func TestCAIssuing(t *testing.T) { +@@ -739,7 +739,7 @@ func TestCASignPathlen(t *testing.T) { + caCertFile: testECDSACaFile, + caKeyFile: testECDSACaKeyFile, + caProfile: true, +- csrFile: "testdata/inter_pathlen_0.csr", ++ csrFile: "../../../../../../../signer/local/testdata/inter_pathlen_0.csr", + err: nil, + pathlen: 0, + isZero: true, +@@ -750,7 +750,7 @@ func TestCASignPathlen(t *testing.T) { + caCertFile: testECDSACaFile, + caKeyFile: testECDSACaKeyFile, + caProfile: true, +- csrFile: "testdata/inter_pathlen_1.csr", ++ csrFile: "../../../../../../../signer/local/testdata/inter_pathlen_1.csr", + err: cferr.New(cferr.PolicyError, cferr.InvalidRequest), + }, + { +@@ -758,7 +758,7 @@ func TestCASignPathlen(t *testing.T) { + caCertFile: testCaFile, + caKeyFile: testCaKeyFile, + caProfile: true, +- csrFile: "testdata/inter_pathlen_0.csr", ++ csrFile: "../../../../../../../signer/local/testdata/inter_pathlen_0.csr", + err: cferr.New(cferr.PolicyError, cferr.InvalidRequest), + }, + { +@@ -766,7 +766,7 @@ func TestCASignPathlen(t *testing.T) { + caCertFile: testCaFile, + caKeyFile: testCaKeyFile, + caProfile: true, +- csrFile: "testdata/inter_pathlen_1.csr", ++ csrFile: "../../../../../../../signer/local/testdata/inter_pathlen_1.csr", + err: cferr.New(cferr.PolicyError, cferr.InvalidRequest), + }, + { +@@ -774,7 +774,7 @@ func TestCASignPathlen(t *testing.T) { + caCertFile: testCaFile, + caKeyFile: testCaKeyFile, + caProfile: true, +- csrFile: "testdata/inter_pathlen_unspecified.csr", ++ csrFile: "../../../../../../../signer/local/testdata/inter_pathlen_unspecified.csr", + err: cferr.New(cferr.PolicyError, cferr.InvalidRequest), + }, + { +@@ -782,7 +782,7 @@ func TestCASignPathlen(t *testing.T) { + caCertFile: testECDSACaFile, + caKeyFile: testECDSACaKeyFile, + caProfile: true, +- csrFile: "testdata/inter_pathlen_unspecified.csr", ++ csrFile: "../../../../../../../signer/local/testdata/inter_pathlen_unspecified.csr", + err: nil, + // golang x509 parses unspecified pathlen as MaxPathLen == -1 and + // MaxPathLenZero == false +@@ -795,7 +795,7 @@ func TestCASignPathlen(t *testing.T) { + caCertFile: testECDSACaFile, + caKeyFile: testECDSACaKeyFile, + caProfile: false, +- csrFile: "testdata/inter_pathlen_0.csr", ++ csrFile: "../../../../../../../signer/local/testdata/inter_pathlen_0.csr", + err: cferr.New(cferr.PolicyError, cferr.InvalidRequest), + }, + { +@@ -803,7 +803,7 @@ func TestCASignPathlen(t *testing.T) { + caCertFile: testECDSACaFile, + caKeyFile: testECDSACaKeyFile, + caProfile: false, +- csrFile: "testdata/inter_pathlen_1.csr", ++ csrFile: "../../../../../../../signer/local/testdata/inter_pathlen_1.csr", + err: cferr.New(cferr.PolicyError, cferr.InvalidRequest), + }, + { +@@ -811,7 +811,7 @@ func TestCASignPathlen(t *testing.T) { + caCertFile: testECDSACaFile, + caKeyFile: testECDSACaKeyFile, + caProfile: false, +- csrFile: "testdata/inter_pathlen_unspecified.csr", ++ csrFile: "../../../../../../../signer/local/testdata/inter_pathlen_unspecified.csr", + err: cferr.New(cferr.PolicyError, cferr.InvalidRequest), + }, + } +@@ -1183,7 +1183,7 @@ func TestCTFailure(t *testing.T) { + t.Fatalf("%v", err) + } + var pem []byte +- pem, err = ioutil.ReadFile("testdata/ex.csr") ++ pem, err = ioutil.ReadFile("../../../../../../../signer/local/testdata/ex.csr") + if err != nil { + t.Fatalf("%v", err) + } +@@ -1220,7 +1220,7 @@ func TestCTSuccess(t *testing.T) { + t.Fatalf("%v", err) + } + var pem []byte +- pem, err = ioutil.ReadFile("testdata/ex.csr") ++ pem, err = ioutil.ReadFile("../../../../../../../signer/local/testdata/ex.csr") + if err != nil { + t.Fatalf("%v", err) + } +Index: golang-github-cloudflare-cfssl/signer/remote/remote_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/signer/remote/remote_test.go ++++ golang-github-cloudflare-cfssl/signer/remote/remote_test.go +@@ -23,12 +23,12 @@ import ( + ) + + const ( +- testCaFile = "testdata/ca.pem" +- testCaKeyFile = "testdata/ca_key.pem" +- testServerFile = "testdata/server.pem" +- testServerKeyFile = "testdata/server-key.pem" +- testClientFile = "testdata/client.pem" +- testClientKeyFile = "testdata/client-key.pem" ++ testCaFile = "../../../../../../../signer/remote/testdata/ca.pem" ++ testCaKeyFile = "../../../../../../../signer/remote/testdata/ca_key.pem" ++ testServerFile = "../../../../../../../signer/remote/testdata/server.pem" ++ testServerKeyFile = "../../../../../../../signer/remote/testdata/server-key.pem" ++ testClientFile = "../../../../../../../signer/remote/testdata/client.pem" ++ testClientKeyFile = "../../../../../../../signer/remote/testdata/client-key.pem" + ) + + var validMinimalRemoteConfig = ` +Index: golang-github-cloudflare-cfssl/signer/universal/universal_test.go +=================================================================== +--- golang-github-cloudflare-cfssl.orig/signer/universal/universal_test.go ++++ golang-github-cloudflare-cfssl/signer/universal/universal_test.go +@@ -20,8 +20,8 @@ import ( + ) + + const ( +- testCaFile = "../local/testdata/ca.pem" +- testCaKeyFile = "../local/testdata/ca_key.pem" ++ testCaFile = "../../../../../../../signer/local/testdata/ca.pem" ++ testCaKeyFile = "../../../../../../../signer/local/testdata/ca_key.pem" + ) + + var expiry = 1 * time.Minute