From 8796e61b36b4071862e8bcfd6efc6fd14be54cd8 Mon Sep 17 00:00:00 2001
From: rhoerbe <rainer@hoerbe.at>
Date: Mon, 10 Mar 2014 12:46:57 +0100
Subject: [PATCH 1/3] added message on "is entity in metadata" assertion

---
 src/idp_test/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/idp_test/__init__.py b/src/idp_test/__init__.py
index a5c268f..1795958 100644
--- a/src/idp_test/__init__.py
+++ b/src/idp_test/__init__.py
@@ -208,7 +208,7 @@ class SAML2client(object):
         try:
             self.entity_id = _jc["entity_id"]
             # Verify its the correct metadata
-            assert self.entity_id in md.entity.keys()
+            assert self.entity_id in md.entity.keys(), "Entityid {0} not found in {1}".format(self.entity_id, ', '.join(md.entity.keys()))
         except KeyError:
             if len(md.entity.keys()) == 1:
                 self.entity_id = md.entity.keys()[0]

From 3726a395db434a9ea6cc83c37626d7770ae11a77 Mon Sep 17 00:00:00 2001
From: rhoerbe <rainer@hoerbe.at>
Date: Thu, 13 Mar 2014 18:27:08 +0100
Subject: [PATCH 2/3] added -i and -t options in synopsis of sp_testdrv.py

---
 doc/howto.rst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/doc/howto.rst b/doc/howto.rst
index 414f725..ac278f1 100644
--- a/doc/howto.rst
+++ b/doc/howto.rst
@@ -241,7 +241,7 @@ Running the script testing an SP
 Synopsis::
 
     $ sp_testdrv.py --help
-    usage: sp_testdrv.py [-h] [-d] [-C CA_CERTS] [-J TT_CONFIG_FILE] [-m] [-l] [-c TD_CONFIG] [oper]
+    usage: sp_testdrv.py [-h] [-d] [-C CA_CERTS] [-i] [-J TT_CONFIG_FILE] [-m] [-l] [-c TD_CONFIG] [-t TEST_PACKAGE] [oper]
 
     positional arguments:
       oper                 Which test to run (mandatory except for options -h, -l and -m)
@@ -255,6 +255,7 @@ Synopsis::
                             with the -P option. Do not use relative paths or filename extension
       -d, --debug           Print debug information to stderr
       -h, --help            show this help message and exit
+      -i, --insecure        do not check TLS certificate
       -J TT_CONFIG_FILE     Test target configuration in JSON format
       -L, --log             Print HTTP log information # TODO: update documentation
       -l, --list            List all the test flows as a JSON object

From dc29ade0e7d2d25cfc595942ca64268cd84d4aca Mon Sep 17 00:00:00 2001
From: rhoerbe <rainer@hoerbe.at>
Date: Thu, 13 Mar 2014 18:36:23 +0100
Subject: [PATCH 3/3] corrected description of -C argument, added -i

---
 doc/howto.rst | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/doc/howto.rst b/doc/howto.rst
index ac278f1..a1ab5b9 100644
--- a/doc/howto.rst
+++ b/doc/howto.rst
@@ -206,7 +206,7 @@ Running the script testing an IDP
 Synopsis::
 
     $ idp_testdrv.py --help
-    usage: idp_testdrv.py [-h] [-d] [-H] [-C CA_CERTS] [-J TT_CONFIG_FILE] [-m] [-l]
+    usage: idp_testdrv.py [-h] [-d] [-H] [-i] [-C CA_CERTS] [-J TT_CONFIG_FILE] [-m] [-l]
                      [-c TD_CONFIG]
                      [oper]
 
@@ -215,14 +215,15 @@ Synopsis::
 
     optional arguments:
       -C CA_CERTS            CA certs to use to verify HTTPS server certificates, if
-                             HTTPS is used and no server CA certs are defined then
-                             no cert verification will be done. For a generic validation you may use the ca_bundle.crt
-                             file that comes with Mozilla.
+                             HTTPS is used and server certs are passed with -C then
+                             the default cert verification will be done using keys/cacert.pem,
+                             which is derived from Mozilla's ca_bundle.crt.
       -c TD_CONFIG, --config Test driver configuration module at the current directory or the path specified
                              with the -P option. Do not use relative paths or the .py filename extension
       -d, --debug            Print debug information to stderr
       -H, --prettyprint      Human readable status output
       -h, --help             show this help message and exit
+      -i, --insecure         do not check TLS certificate (overriding -C option)
       -J TT_CONFIG_FILE      Test target configuration in JSON format
       -L, --log              Print HTTP log information # TODO: update documentation
       -l, --list             List all the test operations as a JSON object
@@ -248,14 +249,14 @@ Synopsis::
 
     optional arguments:
       -C CA_CERTS           CA certs to use to verify HTTPS server certificates, if
-                            HTTPS is used and no server CA certs are defined then
-                            no cert verification will be done. For a generic validation you may use the ca_bundle.crt
-                            file that comes with Mozilla.
+                            HTTPS is used and server certs are passed with -C then
+                            the default cert verification will be done using keys/cacert.pem,
+                            which is derived from Mozilla's ca_bundle.crt.
       -c TD_CONFIG, --config Test driver configuration module at the current directory or the path specified
                             with the -P option. Do not use relative paths or filename extension
       -d, --debug           Print debug information to stderr
       -h, --help            show this help message and exit
-      -i, --insecure        do not check TLS certificate
+      -i, --insecure        do not check TLS certificate (overriding -C option)
       -J TT_CONFIG_FILE     Test target configuration in JSON format
       -L, --log             Print HTTP log information # TODO: update documentation
       -l, --list            List all the test flows as a JSON object