Newer
Older
use Test::Nginx::Socket 'no_plan';
run_tests();
# /C=IT/O=IGI/CN=Test0
# /C=IT/O=IGI/CN=Test CA
# /test.vo/exp1,/test.vo/exp2,/test.vo/exp3/Role=PIPPO,/C=IT/O=IGI/CN=*.test.example
# test.vo
# voms.example:15000
#
=== TEST 1: valid AC, verification of valid VOMS attributes extracted by ngx_http_voms_module
--- main_config
env X509_VOMS_DIR=t/vomsdir;
env X509_CERT_DIR=t/trust-anchors;
load_module /etc/nginx/modules/ngx_http_voms_module.so;
client_body_temp_path /tmp/client_temp;
proxy_temp_path /tmp/proxy_temp_path;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
server {
error_log logs/error.log debug;
listen 8443 ssl;
ssl_certificate ../../certs/star_test_example.cert.pem;
ssl_certificate_key ../../certs/star_test_example.key.pem;
ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
ssl_verify_depth 10;
ssl_verify_client on;
location = / {
return 200 "$voms_user\n $voms_user_ca\n$voms_fqans,$voms_server\n$voms_vo\n$voms_server_uri\n";
}
}
--- config
location = / {
error_log logs/error-proxy.log debug;
proxy_pass https://localhost:8443/;
proxy_ssl_certificate ../../certs/3.cert.pem;
proxy_ssl_certificate_key ../../certs/3.key.pem;
GET /
--- response_body eval
`env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -identity`
. ` env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -chain | grep issuer | cut -d: -f2 | head -1`
. ` env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -fqan | tr "\n" ","`
. ` env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -acissuer`
. ` env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -vo`
. ` env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -uri`