dearsky/numa
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 25 Wiki Activity

fix: cross-platform CA trust (Arch/Fedora + Windows) #41

Merged
razvandimescu merged 4 commits from fix/cross-platform-ca-trust into main 2026-04-08 20:18:01 +08:00
Conversation 0 Commits 4 Files Changed 6 +14 -12
1 changed files with 14 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit b26d743404 - Show all commits

26
tests/manual/install-trust-macos.sh
View File

@@ -4,10 +4,16 @@
# #
# Mirrors src/system_dns.rs::trust_ca_macos / untrust_ca_macos by running # Mirrors src/system_dns.rs::trust_ca_macos / untrust_ca_macos by running
# the same `security` shell commands against a fixture cert with a unique # the same `security` shell commands against a fixture cert with a unique
# CN. Designed to coexist with a running production numa: refuses to run # CN. Safe to run alongside a production numa install:
# if a real "Numa Local CA" cert is already present in System.keychain, #
# and uses by-hash deletion (so it cannot accidentally touch a production # - Test cert CN = "Numa Local CA Test <pid-ts>", always strictly longer
# CA even in the unlikely event the bail-out check is bypassed). # than the production CN "Numa Local CA". `security find-certificate -c`
# does substring matching, so the test's search for $TEST_CN can never
# match the production cert (the search term is longer than the prod CN).
# - All deletes use `delete-certificate -Z <hash>`, which only touches the
# cert with that exact hash. Production and test certs have different
# hashes by construction (different key material), so the delete cannot
# reach the production cert even if a CN search somehow returned both.
# #
# Mutates the System keychain (briefly). Cleans up on success or interrupt. # Mutates the System keychain (briefly). Cleans up on success or interrupt.
# Requires sudo for `security add-trusted-cert` and `delete-certificate`. # Requires sudo for `security add-trusted-cert` and `delete-certificate`.
@@ -27,15 +33,11 @@ GREEN="\033[32m"; RED="\033[31m"; RESET="\033[0m"
PROD_CN="Numa Local CA" PROD_CN="Numa Local CA"
KEYCHAIN="/Library/Keychains/System.keychain" KEYCHAIN="/Library/Keychains/System.keychain"
# Refuse to run if a real Numa CA is installed. The test cert has a unique # Notice if production numa is already installed. We proceed regardless —
# CN that can never collide, but failing closed protects a dogfood install. # see header for why coexistence is safe (unique CN + by-hash deletion).
if security find-certificate -c "$PROD_CN" "$KEYCHAIN" >/dev/null 2>&1; then if security find-certificate -c "$PROD_CN" "$KEYCHAIN" >/dev/null 2>&1; then
printf "${RED}refuse:${RESET} a '%s' cert is already in %s.\n" "$PROD_CN" "$KEYCHAIN" echo " note: production '$PROD_CN' detected — proceeding alongside (test cert can't touch it)"
echo " This is your production numa CA. To avoid any chance of touching it," echo
echo " this test refuses to run. Either:"
echo " sudo numa uninstall # then rerun this test, then reinstall"
echo " or accept that the macOS path is covered by manual smoke instead."
exit 1
fi fi
# Unique CN ensures the test cert can never collide with production. # Unique CN ensures the test cert can never collide with production.