Adapt tests to throw-away CA

eec_subject2 subsumes eec_cert2.

Adapt tests to throw-away CA
53479f07 · Francesco Giacomini · a0a84899 · a0a84899 · 53479f07
Commit 53479f07 authored 4 months ago by Francesco Giacomini
--- a/t/eec_cert2.t
+++ b/t/eec_cert2.t
-use Test::Nginx::Socket 'no_plan';
-
-run_tests();
-
-__DATA__
-
-=== TEST 2: EEC
--- main_config
-    env X509_VOMS_DIR=t/vomsdir;
-    env X509_CERT_DIR=t/trust-anchors;
-    load_module /etc/nginx/modules/ngx_http_voms_module.so;
--- http_config
-    client_body_temp_path /tmp/client_temp;
-    proxy_temp_path       /tmp/proxy_temp_path;
-    fastcgi_temp_path     /tmp/fastcgi_temp;
-    uwsgi_temp_path       /tmp/uwsgi_temp;
-    scgi_temp_path        /tmp/scgi_temp;
-    server {
-        error_log logs/error.log debug;
-        listen 8443 ssl;
-        ssl_certificate ../../certs/star_test_example.cert.pem;
-        ssl_certificate_key ../../certs/star_test_example.key.pem;
-        ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
-        ssl_verify_depth 10;
-        ssl_verify_client on;
-        location = / {
-            default_type text/plain;
-            return 200 "$ssl_client_ee_s_dn\n";
-        }
-    }
--- config
-    location = / {
-        error_log logs/error-proxy.log debug;
-        proxy_pass https://localhost:8443/;
-        proxy_ssl_certificate ../../certs/test0.cert.pem;
-        proxy_ssl_certificate_key ../../certs/test0.key.pem;
-    }
--- request
-GET / 
--- response_body eval
-`openssl x509 -in t/certs/test0.cert.pem -noout -subject -nameopt RFC2253` =~ s/^subject=//r;
--- error_code: 200
--- a/t/eec_subject2.t
+++ b/t/eec_subject2.t
@@ -4,7 +4,7 @@ run_tests();

 __DATA__

-=== TEST 1: standard x.509 certificate 
+=== TEST 1: End-entity X.509 certificate 
 --- main_config
    env X509_VOMS_DIR=t/vomsdir;
    env X509_CERT_DIR=t/trust-anchors;
@@ -18,12 +18,12 @@ __DATA__
    server {
        error_log logs/error.log debug;
        listen 8443 ssl;
-        ssl_certificate ../../certs/star.test.example.cert.pem;
-        ssl_certificate_key ../../certs/star.test.example.key.pem;
-        ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
+        ssl_certificate ../../certs/star_test_example.cert.pem;
+        ssl_certificate_key ../../certs/star_test_example.key.pem;
+        ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
        ssl_verify_depth 10;
        ssl_verify_client on;
-	location = / {
+        location = / {
            default_type text/plain;
            return 200 "$ssl_client_ee_s_dn\n$ssl_client_s_dn\n$ssl_client_ee_i_dn\n$ssl_client_i_dn\n";
        }
@@ -32,14 +32,13 @@ __DATA__
    location = / {
        error_log logs/error-proxy.log debug;
        proxy_pass https://localhost:8443/;
-        proxy_ssl_certificate ../../certs/star.test.example.cert.pem;
-        proxy_ssl_certificate_key ../../certs/star.test.example.key.pem;
+        proxy_ssl_certificate ../../certs/test0.cert.pem;
+        proxy_ssl_certificate_key ../../certs/test0.key.pem;
    }
 --- request
 GET / 
--- response_body
-CN=*.test.example,O=IGI,C=IT
-CN=*.test.example,O=IGI,C=IT
-CN=Test CA,O=IGI,C=IT
-CN=Test CA,O=IGI,C=IT
+--- response_body eval
+my $c_s = `openssl x509 -in t/certs/test0.cert.pem -noout -subject -nameopt RFC2253` =~ s/^subject=//r;
+my $c_i = `openssl x509 -in t/certs/test0.cert.pem -noout -issuer -nameopt RFC2253` =~ s/^issuer=//r;
+"$c_s$c_s$c_i$c_i";
 --- error_code: 200