From 575fa69ca53ad3eb20ccca557ae86d5c59bf08fa Mon Sep 17 00:00:00 2001
From: James Sumners <jsumners@newrelic.com>
Date: Wed, 23 Oct 2024 13:54:44 -0400
Subject: [PATCH] remove remaining tls generation cruft

---
 bin/ssl.sh                | 87 ---------------------------------------
 package.json              |  5 +--
 test/lib/test-ca.conf     | 32 --------------
 third_party_manifest.json |  2 +-
 4 files changed, 3 insertions(+), 123 deletions(-)
 delete mode 100755 bin/ssl.sh
 delete mode 100644 test/lib/test-ca.conf

diff --git a/bin/ssl.sh b/bin/ssl.sh
deleted file mode 100755
index 14759029a4..0000000000
--- a/bin/ssl.sh
+++ /dev/null
@@ -1,87 +0,0 @@
-#! /bin/sh
-
-# Copyright 2020 New Relic Corporation. All rights reserved.
-# SPDX-License-Identifier: Apache-2.0
-
-# https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html
-set -e  # exit if any command fails
-set -x  # be chatty and show the lines we're running
-
-# LibreSSL fails on the openssl ca step for reasons
-# that are mysterious and not understood, so let
-# bail early if we detect that's the case
-ENGINE_OPENSSL=`openssl version | awk '{print $(1)}'`
-if [ "$ENGINE_OPENSSL" = "LibreSSL" ]
-then
-    echo "LibreSSL is not supported, please install a stock openssl and \n"
-    echo "make sure that openssl binary is in your PATH"
-    exit 1
-fi
-
-# CACONFIG is the only non-generated file
-CACONFIG="test/lib/test-ca.conf"
-SSLKEY="test/lib/test-key.key"
-CACERT="test/lib/ca-certificate.crt"
-CAINDEX="test/lib/ca-index"
-CASERIAL="test/lib/ca-serial"
-CERTIFICATE="test/lib/self-signed-test-certificate.crt"
-
-# USAGE: ./bin/ssl.sh clear
-# a sub command to remove all the generated files and start over
-if [ "$1" = "clear" ]
-then
-    rm $SSLKEY
-    rm $CACERT
-    rm $CAINDEX
-    rm $CASERIAL
-    rm $CERTIFICATE
-    exit 0
-fi
-
-# if there's already a certificate, then exit, but
-# exit with a success code so build continue
-if [ -e $CERTIFICATE ]; then
-  exit 0;
-fi
-
-# generates an RSA key
-openssl genrsa -out $SSLKEY
-
-# ca-index is the "certificate authority" database
-# and ca-serial is a file that openssl will read
-# "the next serial number for the ca-index entry"
-# from.
-touch $CAINDEX
-echo 000a > $CASERIAL
-
-# this generates a certificate for the
-# certificate authority
-openssl req \
-  -new \
-  -subj "/O=testsuite/OU=New Relic CA/CN=Node.js test CA" \
-  -key $SSLKEY \
-  -days 3650 \
-  -x509 \
-  -out $CACERT
-
-# this generates a "certificate signing request" file
-openssl req \
-  -new \
-  -subj "/O=testsuite/OU=Node.js agent team/CN=localhost" \
-  -key $SSLKEY \
-  -out server.csr
-
-# using the files generated above, this tells the
-# certificate authority about the request for a certificate,
-# which generates the self-signed-test-certificate.crt file.
-# This is the file used by the web server
-openssl ca \
-  -batch \
-  -cert $CACERT \
-  -config $CACONFIG \
-  -keyfile $SSLKEY \
-  -in server.csr \
-  -out $CERTIFICATE
-
-# remove the signing request now that we're done with it
-rm -f server.csr
diff --git a/package.json b/package.json
index 91a5d6188f..9981b72ce6 100644
--- a/package.json
+++ b/package.json
@@ -163,15 +163,14 @@
     "docs": "rm -rf ./out && jsdoc -c ./jsdoc-conf.jsonc --private -r .",
     "integration": "npm run prepare-test && npm run sub-install && BORP_CONF_FILE=.borp.int.yaml time c8 -o ./coverage/integration borp --timeout 600000 --reporter ./test/lib/test-reporter.mjs",
     "integration:esm": "NODE_OPTIONS='--loader=./esm-loader.mjs' BORP_CONF_FILE=.borp.int-esm.yaml time c8 -o ./coverage/integration-esm borp --reporter ./test/lib/test-reporter.mjs",
-    "prepare-test": "npm run ssl && npm run docker-env",
+    "prepare-test": "npm run docker-env",
     "lint": "eslint ./*.{js,mjs} lib test bin",
     "lint:fix": "eslint --fix, ./*.{js,mjs} lib test bin",
     "public-docs": "jsdoc -c ./jsdoc-conf.jsonc",
     "publish-docs": "./bin/publish-docs.sh",
     "services": "DOCKER_PLATFORM=linux/$(uname -m) docker compose up -d --wait",
     "services:stop": "docker compose down",
-    "smoke": "npm run ssl && time borp --timeout 180000 --reporter ./test/lib/test-reporter.mjs 'test/smoke/**/*.tap.js'",
-    "ssl": "./bin/ssl.sh",
+    "smoke": "time borp --timeout 180000 --reporter ./test/lib/test-reporter.mjs 'test/smoke/**/*.tap.js'",
     "sub-install": "node test/bin/install_sub_deps",
     "test": "npm run integration && npm run unit",
     "third-party-updates": "oss third-party manifest --includeOptDeps && oss third-party notices --includeOptDeps && git add THIRD_PARTY_NOTICES.md third_party_manifest.json",
diff --git a/test/lib/test-ca.conf b/test/lib/test-ca.conf
deleted file mode 100644
index 3d033e499d..0000000000
--- a/test/lib/test-ca.conf
+++ /dev/null
@@ -1,32 +0,0 @@
-[ ca ]
-default_ca = nodejs
-
-[ crl_ext ]
-authorityKeyIdentifier=keyid:always
-
-[ nodejs ]
-new_certs_dir = /tmp
-unique_subject = no
-certificate = test/lib/ca-certificate.crt
-database = test/lib/ca-index
-private_key = test/lib/test-key.key
-serial = test/lib/ca-serial
-default_days = 365
-default_md = sha256
-policy = nodejs_policy
-x509_extensions = nodejs_extensions
-
-[ nodejs_policy ]
-commonName = supplied
-stateOrProvinceName = optional
-countryName = optional
-emailAddress = optional
-organizationName = supplied
-organizationalUnitName = supplied
-
-[ nodejs_extensions ]
-basicConstraints = CA:false
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always
-keyUsage = digitalSignature,keyEncipherment
-extendedKeyUsage = serverAuth
diff --git a/third_party_manifest.json b/third_party_manifest.json
index 53f5720123..0071d850c5 100644
--- a/third_party_manifest.json
+++ b/third_party_manifest.json
@@ -1,5 +1,5 @@
 {
-  "lastUpdated": "Wed Oct 23 2024 13:51:47 GMT-0400 (Eastern Daylight Time)",
+  "lastUpdated": "Wed Oct 23 2024 13:54:45 GMT-0400 (Eastern Daylight Time)",
   "projectName": "New Relic Node Agent",
   "projectUrl": "https://github.com/newrelic/node-newrelic",
   "includeOptDeps": true,