Compare revisions

3c4a7183 · 3c4a7183 · 89acc143 · 89acc143 · 89acc143
--- a/t/untrusted_ac2.t
+++ b/t/untrusted_ac2.t
@@ -11,24 +11,29 @@ __DATA__
    env X509_CERT_DIR=t;
    load_module /etc/nginx/modules/ngx_http_voms_module.so;
 --- http_config
+    client_body_temp_path /tmp/client_temp;
+    proxy_temp_path       /tmp/proxy_temp_path;
+    fastcgi_temp_path     /tmp/fastcgi_temp;
+    uwsgi_temp_path       /tmp/uwsgi_temp;
+    scgi_temp_path        /tmp/scgi_temp;
    server {
        error_log logs/error.log debug;
        listen 8443 ssl;
-        ssl_certificate ../../certs/nginx_voms_example.cert.pem;
-        ssl_certificate_key ../../certs/nginx_voms_example.key.pem;
-        ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
+        ssl_certificate ../../certs/star_test_example.cert.pem;
+        ssl_certificate_key ../../certs/star_test_example.key.pem;
+        ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
        ssl_verify_depth 10;
        ssl_verify_client on;
-	location = / {
+        location = / {
            default_type text/plain;
-            return 200 "$voms_fqans\n"; 
+            return 200 "$voms_fqans\n";
       }
    }
 --- config
    location = / {
        proxy_pass https://localhost:8443/;
-        proxy_ssl_certificate ../../certs/3.cert.pem;
-        proxy_ssl_certificate_key ../../certs/3.key.pem;
+        proxy_ssl_certificate ../../certs/5.cert.pem;
+        proxy_ssl_certificate_key ../../certs/5.key.pem;
    }
 --- request
 GET /

--- a/t/valid_ac.t
+++ b/t/valid_ac.t
@@ -3,6 +3,12 @@ use Test::Nginx::Socket 'no_plan';

 run_tests();

+# /C=IT/O=IGI/CN=Test0
+#  /C=IT/O=IGI/CN=Test CA
+# /test.vo/exp1,/test.vo/exp2,/test.vo/exp3/Role=PIPPO,/C=IT/O=IGI/CN=*.test.example
+# test.vo
+# voms.example:15000
+#
 __DATA__

 === TEST 1: valid AC, verification of valid VOMS attributes extracted by ngx_http_voms_module
@@ -11,17 +17,22 @@ __DATA__
    env X509_CERT_DIR=t/trust-anchors;
    load_module /etc/nginx/modules/ngx_http_voms_module.so;
 --- http_config
+    client_body_temp_path /tmp/client_temp;
+    proxy_temp_path       /tmp/proxy_temp_path;
+    fastcgi_temp_path     /tmp/fastcgi_temp;
+    uwsgi_temp_path       /tmp/uwsgi_temp;
+    scgi_temp_path        /tmp/scgi_temp;
    server {
        error_log logs/error.log debug;
        listen 8443 ssl;
-        ssl_certificate ../../certs/nginx_voms_example.cert.pem;
-        ssl_certificate_key ../../certs/nginx_voms_example.key.pem;
-        ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
+        ssl_certificate ../../certs/star_test_example.cert.pem;
+        ssl_certificate_key ../../certs/star_test_example.key.pem;
+        ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
        ssl_verify_depth 10;
        ssl_verify_client on;
-	location = / {
+        location = / {
            default_type text/plain;
-            return 200 "$voms_user\n$voms_user_ca\n$voms_fqans\n$voms_server\n$voms_server_ca\n$voms_vo\n$voms_server_uri\n$voms_not_before\n$voms_not_after\n$voms_generic_attributes\n$voms_serial\n";
+            return 200 "$voms_user\n $voms_user_ca\n$voms_fqans,$voms_server\n$voms_vo\n$voms_server_uri\n";
        }
    }
 --- config
@@ -32,18 +43,12 @@ __DATA__
        proxy_ssl_certificate_key ../../certs/3.key.pem;
    }
 --- request
-GET / 
--- response_body
-/C=IT/O=IGI/CN=test0
-/C=IT/O=IGI/CN=Test CA
-/test.vo/exp1,/test.vo/exp2,/test.vo/exp3/Role=PIPPO
-/C=IT/O=IGI/CN=voms.example
-/C=IT/O=IGI/CN=Test CA
-test.vo
-voms.example:15000
-20211110000000Z
-20311231000000Z
-n=nickname v=newland q=test.vo,n=nickname v=giaco q=test.vo
-01E240
+GET /
+--- response_body eval
+  `env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -identity`
+  . ` env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -chain | grep issuer | cut -d: -f2 | head -1`
+  . ` env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -fqan | tr "\n" ","`
+  . ` env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -acissuer`
+  . ` env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -vo`
+  . ` env X509_CERT_DIR=t/trust-anchors voms-proxy-info -file t/certs/3.pem -uri`
 --- error_code: 200
-
--- a/t/vomsdir/test.vo/voms.example.lsc
+++ b/t/vomsdir/test.vo/voms.example.lsc
-/C=IT/O=IGI/CN=voms.example
-/C=IT/O=IGI/CN=Test CA
--- a/t/vomses
+++ b/t/vomses
-"test.vo" "voms.example" "15000" "/C=IT/O=IGI/CN=voms.example" "test.vo"
--- a/test-ngx-voms.sh
+++ b/test-ngx-voms.sh
-#!/usr/bin/env bash
-
-# Copyright 2018-2022 Istituto Nazionale di Fisica Nucleare
-# SPDX-License-Identifier: EUPL-1.2
-
-sudo yum install -y faketime
-cd /home/nginx/
-faketime '2021-11-14 08:15:42' prove -v
No results found