Compare revisions

6d052991 · 6d052991 · 6d052991 · 6d052991 · 40be9747 · 40be9747
--- a/t/eec_subject3.t
+++ b/t/eec_subject3.t
+# SPDX-FileCopyrightText: 2018 Istituto Nazionale di Fisica Nucleare
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+use Test::Nginx::Socket 'no_plan';
+
+run_tests();
+
+__DATA__
+
+=== TEST 1: three delegations proxy
+--- main_config
+    env X509_VOMS_DIR=t/vomsdir;
+    env X509_CERT_DIR=t/trust-anchors;
+    load_module /etc/nginx/modules/ngx_http_voms_module.so;
+--- http_config
+    client_body_temp_path /tmp/client_temp;
+    proxy_temp_path       /tmp/proxy_temp_path;
+    fastcgi_temp_path     /tmp/fastcgi_temp;
+    uwsgi_temp_path       /tmp/uwsgi_temp;
+    scgi_temp_path        /tmp/scgi_temp;
+    server {
+        error_log logs/error.log debug;
+        listen 8443 ssl;
+        ssl_certificate ../../certs/star_test_example.cert.pem;
+        ssl_certificate_key ../../certs/star_test_example.key.pem;
+        ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
+        ssl_verify_depth 10;
+        ssl_verify_client on;
+	location = / {
+            default_type text/plain;
+            return 200 "$ssl_client_ee_s_dn\n$ssl_client_ee_i_dn\n";
+        }
+    }
+--- config
+    location = / {
+        error_log logs/error-proxy.log debug;
+        proxy_pass https://localhost:8443/;
+        proxy_ssl_certificate ../../certs/6.cert.pem;
+        proxy_ssl_certificate_key ../../certs/6.key.pem;
+    }
+--- request
+GET / 
+--- response_body eval
+my $c_s = `openssl x509 -in t/certs/test0.cert.pem -noout -subject -nameopt RFC2253` =~ s/^subject=//r;
+my $c_i = `openssl x509 -in t/certs/test0.cert.pem -noout -issuer -nameopt RFC2253` =~ s/^issuer=//r;
+"$c_s$c_i";
+--- error_code: 200
--- a/t/encoding.t
+++ b/t/encoding.t
+# SPDX-FileCopyrightText: 2018 Istituto Nazionale di Fisica Nucleare
+#
+# SPDX-License-Identifier: EUPL-1.2

 use Test::Nginx::Socket 'no_plan';

@@ -9,18 +12,24 @@ __DATA__
 --- main_config
    env X509_VOMS_DIR=t/vomsdir;
    env X509_CERT_DIR=t/trust-anchors;
+    load_module /etc/nginx/modules/ngx_http_voms_module.so;
 --- http_config
+    client_body_temp_path /tmp/client_temp;
+    proxy_temp_path       /tmp/proxy_temp_path;
+    fastcgi_temp_path     /tmp/fastcgi_temp;
+    uwsgi_temp_path       /tmp/uwsgi_temp;
+    scgi_temp_path        /tmp/scgi_temp;
    server {
        error_log logs/error.log debug;
        listen 8443 ssl;
-        ssl_certificate ../../certs/nginx_voms_example.cert.pem;
-        ssl_certificate_key ../../certs/nginx_voms_example.key.pem;
-        ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
+        ssl_certificate ../../certs/star_test_example.cert.pem;
+        ssl_certificate_key ../../certs/star_test_example.key.pem;
+        ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
        ssl_verify_depth 10;
        ssl_verify_client on;
-	location = / {
+        location = / {
            default_type text/plain;
-            echo $voms_generic_attributes;
+            return 200 "$voms_generic_attributes\n";
        }
    }
 --- config
@@ -33,5 +42,5 @@ __DATA__
 --- request
 GET / 
 --- response_body
-n=nickname v=newland86 q=test.vo,n=title v=assegnista%25di%25ricerca%40CNAF q=test.vo
+n=nickname v=sd q=test.vo,n=title v=assegnista%25di%25ricerca%40CNAF q=test.vo
 --- error_code: 200
--- a/t/expired.t
+++ b/t/expired.t
+# SPDX-FileCopyrightText: 2018 Istituto Nazionale di Fisica Nucleare
+#
+# SPDX-License-Identifier: EUPL-1.2

 use Test::Nginx::Socket 'no_plan';

@@ -6,18 +9,25 @@ run_tests();
 __DATA__

 === TEST 1: https with x509 client authentication, expired client certificate
+--- main_config
+    load_module /etc/nginx/modules/ngx_http_voms_module.so;
 --- http_config
+    client_body_temp_path /tmp/client_temp;
+    proxy_temp_path       /tmp/proxy_temp_path;
+    fastcgi_temp_path     /tmp/fastcgi_temp;
+    uwsgi_temp_path       /tmp/uwsgi_temp;
+    scgi_temp_path        /tmp/scgi_temp;
    server {
        error_log logs/error.log debug;
        listen 8443 ssl;
-        ssl_certificate ../../certs/nginx_voms_example.cert.pem;
-        ssl_certificate_key ../../certs/nginx_voms_example.key.pem;
-        ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
+        ssl_certificate ../../certs/star_test_example.cert.pem;
+        ssl_certificate_key ../../certs/star_test_example.key.pem;
+        ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
        ssl_verify_depth 10;
        ssl_verify_client on;
-	location = / {
+        location = / {
            default_type text/plain;
-            echo $ssl_client_s_dn;
+            return 200 "$ssl_client_s_dn\n";
        }
    }
 --- config

--- a/t/expired_ac.t
+++ b/t/expired_ac.t
+# SPDX-FileCopyrightText: 2018 Istituto Nazionale di Fisica Nucleare
+#
+# SPDX-License-Identifier: EUPL-1.2

 use Test::Nginx::Socket 'no_plan';

@@ -9,19 +12,24 @@ __DATA__
 --- main_config
    env X509_VOMS_DIR=t/vomsdir;
    env X509_CERT_DIR=t/trust-anchors;
+    load_module /etc/nginx/modules/ngx_http_voms_module.so;
 --- http_config
+    client_body_temp_path /tmp/client_temp;
+    proxy_temp_path       /tmp/proxy_temp_path;
+    fastcgi_temp_path     /tmp/fastcgi_temp;
+    uwsgi_temp_path       /tmp/uwsgi_temp;
+    scgi_temp_path        /tmp/scgi_temp;
    server {
        error_log logs/error.log debug;
        listen 8443 ssl;
-        ssl_certificate ../../certs/nginx_voms_example.cert.pem;
-        ssl_certificate_key ../../certs/nginx_voms_example.key.pem;
-        ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
+        ssl_certificate ../../certs/star_test_example.cert.pem;
+        ssl_certificate_key ../../certs/star_test_example.key.pem;
+        ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
        ssl_verify_depth 10;
        ssl_verify_client on;
-	location = / {
+        location = / {
            default_type text/plain;
-            echo $voms_fqans;
-            echo $voms_user;
+            return 200 "$voms_fqans\n$voms_user\n";
        }
    }
 --- config
@@ -32,7 +40,7 @@ __DATA__
        proxy_ssl_certificate_key ../../certs/1.key.pem;
    }
 --- request
-GET / 
+GET /
 --- response_body_like eval
 qr/\n\n/
 --- error_log

--- a/t/my-echo-test.t
+++ b/t/my-echo-test.t
--- a/t/my-simple-test.t
+++ b/t/my-simple-test.t
--- a/t/no_ac.t
+++ b/t/no_ac.t
--- a/t/no_ssl.t
+++ b/t/no_ssl.t
--- a/t/no_ta.t
+++ b/t/no_ta.t
--- a/t/openssl.conf
+++ b/t/openssl.conf
--- a/t/proxies.d/1.conf
+++ b/t/proxies.d/1.conf
--- a/t/proxies.d/2.conf
+++ b/t/proxies.d/2.conf
--- a/t/proxies.d/3.conf
+++ b/t/proxies.d/3.conf
--- a/t/proxies.d/4.conf
+++ b/t/proxies.d/4.conf
--- a/t/proxies.d/5.conf
+++ b/t/proxies.d/5.conf
--- a/t/setup.sh
+++ b/t/setup.sh
--- a/t/socket.js
+++ b/t/socket.js
--- a/t/ssl_log_voms_plain_http.t
+++ b/t/ssl_log_voms_plain_http.t
--- a/t/ssl_no_client_authn.t
+++ b/t/ssl_no_client_authn.t
--- a/t/subrequest.t
+++ b/t/subrequest.t
No results found