Skip to content
Snippets Groups Projects
Commit b2b78ad0 authored by Francesco Giacomini's avatar Francesco Giacomini
Browse files

Adapt tests to throw-away CA 

Note how the response is not hardcoded, but is computed from the used
certificate.
parent da008649
No related branches found
No related tags found
1 merge request!27Resolve "Use a throw-away CA for the tests"
Hide whitespace changes
Inline Side-by-side
t/eec_cert1.t
+ 11
28
View file @ b2b78ad0
......@@ -4,7 +4,7 @@ run_tests();
__DATA__
=== TEST 1: rfc proxy certificate, no AC
=== TEST 1: RFC proxy certificate, no AC
--- main_config
env X509_VOMS_DIR=t/vomsdir;
env X509_CERT_DIR=t/trust-anchors;
......@@ -18,14 +18,14 @@ __DATA__
server {
error_log logs/error.log debug;
listen 8443 ssl;
ssl_certificate ../../certs/star.test.example.cert.pem;
ssl_certificate_key ../../certs/star.test.example.key.pem;
ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
ssl_certificate ../../certs/star_test_example.cert.pem;
ssl_certificate_key ../../certs/star_test_example.key.pem;
ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
ssl_verify_depth 10;
ssl_verify_client on;
location = / {
default_type text/plain;
return 200 "$ssl_client_ee_cert\n";
return 200 "$ssl_client_ee_s_dn\n$ssl_client_ee_i_dn\n$ssl_client_s_dn\n$ssl_client_i_dn\n";
}
}
--- config
......@@ -37,27 +37,10 @@ __DATA__
}
--- request
GET /
--- response_body
-----BEGIN CERTIFICATE-----
MIIDnjCCAoagAwIBAgIBCDANBgkqhkiG9w0BAQUFADAtMQswCQYDVQQGEwJJVDEM
MAoGA1UECgwDSUdJMRAwDgYDVQQDDAdUZXN0IENBMB4XDTIyMTAwMTEzMTYzMloX
DTMyMDkyODEzMTYzMlowKzELMAkGA1UEBhMCSVQxDDAKBgNVBAoMA0lHSTEOMAwG
A1UEAwwFdGVzdDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoyIIN
H7YaqKMIW4kI41E0gDqtaQKYKdCv1cDL9/ibg0QLO/hyak9u9zQnp7XlK6e9NwnM
T3efn3o5xWyA4nY8UWvXQRxQjuQO1hxManxFxzVHYYkd5p4JDy3lrDSPgw8yojPZ
iAwVcDWZfVzXEC/EEAtbheSZcydQaEWSCLmY9rrriyvxrIlYaiAzXFhV0hRsxPy9
Fk85nq1JVzeAN7jVt3JVrDgHd17IQIySXz3JU7UYChGcW3CO4LNe4p39cbjW6wbi
Uqo+7caSJsOxwoS2RcHAahgd+BGegMkr48krmojuDcYrrkAL4AK0Uh5xXdWul1kG
0SFf0WyN23CjuFEXAgMBAAGjgcowgccwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
aognKvxLiK8OSA1F/9x+7qCDtuUwDgYDVR0PAQH/BAQDAgXgMD4GA1UdJQQ3MDUG
CCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBBggrBgEF
BQcDBDAfBgNVHSMEGDAWgBRQm290AeMaA1er2dV9FWRMJfP49DAnBgNVHREEIDAe
gRxhbmRyZWEuY2VjY2FudGlAY25hZi5pbmZuLml0MA0GCSqGSIb3DQEBBQUAA4IB
AQBHBk5Pcr3EXJZedPeEQuXCdPMDAJpAcZTCTINfGRoQXDYQk6ce8bH8jHPmao6d
qV/f/14y2Jmkz+aiFQhSSyDLk4ywTgGHT+kpWEsYGbN4AdcMlH1L9uaG7YbuAZzH
6bkd8HLsTiwslXYHjyldbQL9ZU6DrGAdt/IuAfFrQjWWuJ21SfBlnp4OkWQK5wTk
sTvfeZX6VwinpXzF6xIrtAfJ7OYRDuN7UIrwBl9G0hoQPuXFJeVRAzYRwDVbejSo
/8OWCj17EXDO+tG6Md+JYIsqJ4wrytd4YeuYDVDzbVV8DHfMrk2+PeJ0nSOSyYV+
doaFzJ6837vw8+5gxDTHT/un
-----END CERTIFICATE-----
--- response_body eval
my $ee_s = `openssl x509 -in t/certs/test0.cert.pem -noout -subject -nameopt RFC2253` =~ s/^subject=//r;
my $ee_i = `openssl x509 -in t/certs/test0.cert.pem -noout -issuer -nameopt RFC2253` =~ s/^issuer=//r;
my $pr_s = `openssl x509 -in t/certs/0.cert.pem -noout -subject -nameopt RFC2253` =~ s/^subject=//r;
my $pr_i = `openssl x509 -in t/certs/0.cert.pem -noout -issuer -nameopt RFC2253` =~ s/^issuer=//r;
"$ee_s$ee_i$pr_s$pr_i";
--- error_code: 200
t/eec_cert2.t
+ 8
29
View file @ b2b78ad0
......@@ -18,14 +18,14 @@ __DATA__
server {
error_log logs/error.log debug;
listen 8443 ssl;
ssl_certificate ../../certs/star.test.example.cert.pem;
ssl_certificate_key ../../certs/star.test.example.key.pem;
ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
ssl_certificate ../../certs/star_test_example.cert.pem;
ssl_certificate_key ../../certs/star_test_example.key.pem;
ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
ssl_verify_depth 10;
ssl_verify_client on;
location = / {
location = / {
default_type text/plain;
return 200 "$ssl_client_ee_cert\n";
return 200 "$ssl_client_ee_s_dn\n";
}
}
--- config
......@@ -33,31 +33,10 @@ __DATA__
error_log logs/error-proxy.log debug;
proxy_pass https://localhost:8443/;
proxy_ssl_certificate ../../certs/test0.cert.pem;
proxy_ssl_certificate_key ../../certs/9.key.pem;
proxy_ssl_certificate_key ../../certs/test0.key.pem;
}
--- request
GET /
--- response_body
-----BEGIN CERTIFICATE-----
MIIDnjCCAoagAwIBAgIBCDANBgkqhkiG9w0BAQUFADAtMQswCQYDVQQGEwJJVDEM
MAoGA1UECgwDSUdJMRAwDgYDVQQDDAdUZXN0IENBMB4XDTIyMTAwMTEzMTYzMloX
DTMyMDkyODEzMTYzMlowKzELMAkGA1UEBhMCSVQxDDAKBgNVBAoMA0lHSTEOMAwG
A1UEAwwFdGVzdDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoyIIN
H7YaqKMIW4kI41E0gDqtaQKYKdCv1cDL9/ibg0QLO/hyak9u9zQnp7XlK6e9NwnM
T3efn3o5xWyA4nY8UWvXQRxQjuQO1hxManxFxzVHYYkd5p4JDy3lrDSPgw8yojPZ
iAwVcDWZfVzXEC/EEAtbheSZcydQaEWSCLmY9rrriyvxrIlYaiAzXFhV0hRsxPy9
Fk85nq1JVzeAN7jVt3JVrDgHd17IQIySXz3JU7UYChGcW3CO4LNe4p39cbjW6wbi
Uqo+7caSJsOxwoS2RcHAahgd+BGegMkr48krmojuDcYrrkAL4AK0Uh5xXdWul1kG
0SFf0WyN23CjuFEXAgMBAAGjgcowgccwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
aognKvxLiK8OSA1F/9x+7qCDtuUwDgYDVR0PAQH/BAQDAgXgMD4GA1UdJQQ3MDUG
CCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBBggrBgEF
BQcDBDAfBgNVHSMEGDAWgBRQm290AeMaA1er2dV9FWRMJfP49DAnBgNVHREEIDAe
gRxhbmRyZWEuY2VjY2FudGlAY25hZi5pbmZuLml0MA0GCSqGSIb3DQEBBQUAA4IB
AQBHBk5Pcr3EXJZedPeEQuXCdPMDAJpAcZTCTINfGRoQXDYQk6ce8bH8jHPmao6d
qV/f/14y2Jmkz+aiFQhSSyDLk4ywTgGHT+kpWEsYGbN4AdcMlH1L9uaG7YbuAZzH
6bkd8HLsTiwslXYHjyldbQL9ZU6DrGAdt/IuAfFrQjWWuJ21SfBlnp4OkWQK5wTk
sTvfeZX6VwinpXzF6xIrtAfJ7OYRDuN7UIrwBl9G0hoQPuXFJeVRAzYRwDVbejSo
/8OWCj17EXDO+tG6Md+JYIsqJ4wrytd4YeuYDVDzbVV8DHfMrk2+PeJ0nSOSyYV+
doaFzJ6837vw8+5gxDTHT/un
-----END CERTIFICATE-----
--- response_body eval
`openssl x509 -in t/certs/test0.cert.pem -noout -subject -nameopt RFC2253` =~ s/^subject=//r;
--- error_code: 200
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment