Compare revisions

048fb9a4 · efc6a049 · 048fb9a4 · 048fb9a4 · efc6a049 · 048fb9a4
--- a/t/conf.d/untrusted_voms.conf
+++ b/t/conf.d/untrusted_voms.conf
+# SPDX-FileCopyrightText: 2018 Istituto Nazionale di Fisica Nucleare
+#
+# SPDX-License-Identifier: EUPL-1.2
+[ untrusted_voms ]
+default_bits           = 2048
+default_keyfile        = ${ENV::CA_NAME}/certs/untrusted_voms.key.pem
+distinguished_name     = untrusted_voms_dn
+prompt                 = no
+encrypt_key            = no
+default_md             = sha512
+x509_extensions        = untrusted_voms_extensions
+[ untrusted_voms_dn ]
+C                      = IT
+O                      = IGI
+CN                     = untrusted-voms.example
+[ untrusted_voms_extensions ]
+basicConstraints       = critical,CA:FALSE
+subjectKeyIdentifier   = hash
+keyUsage               = critical, digitalSignature
+extendedKeyUsage       = serverAuth, clientAuth
+authorityKeyIdentifier = keyid, issuer
+subjectAltName         = DNS:untrusted-voms.example
--- a/t/eec_cert.t
+++ b/t/eec_cert.t
--- a/t/eec_cert1.t
+++ b/t/eec_cert1.t
+# SPDX-FileCopyrightText: 2018 Istituto Nazionale di Fisica Nucleare
+#
+# SPDX-License-Identifier: EUPL-1.2
+use Test::Nginx::Socket 'no_plan';
+run_tests();
+__DATA__
+=== TEST 1: RFC proxy certificate, no AC
+--- main_config
+    env X509_VOMS_DIR=t/vomsdir;
+    env X509_CERT_DIR=t/trust-anchors;
+    load_module /etc/nginx/modules/ngx_http_voms_module.so;
+--- http_config
+    client_body_temp_path /tmp/client_temp;
+    proxy_temp_path       /tmp/proxy_temp_path;
+    fastcgi_temp_path     /tmp/fastcgi_temp;
+    uwsgi_temp_path       /tmp/uwsgi_temp;
+    scgi_temp_path        /tmp/scgi_temp;	
+    server {
+        error_log logs/error.log debug;
+        listen 8443 ssl;
+        ssl_certificate ../../certs/star_test_example.cert.pem;
+        ssl_certificate_key ../../certs/star_test_example.key.pem;
+        ssl_client_certificate ../../trust-anchors/igi_test_ca.pem;
+        ssl_verify_depth 10;
+        ssl_verify_client on;
+	location = / {
+            default_type text/plain;
+            return 200 "$ssl_client_ee_s_dn\n$ssl_client_ee_i_dn\n$ssl_client_s_dn\n$ssl_client_i_dn\n";
+        }
+    }
+--- config
+    location = / {
+        error_log logs/error-proxy.log debug;
+        proxy_pass https://localhost:8443/;
+        proxy_ssl_certificate ../../certs/0.cert.pem;
+        proxy_ssl_certificate_key ../../certs/0.key.pem;
+    }
+--- request
+GET / 
+--- response_body eval
+my $ee_s = `openssl x509 -in t/certs/test0.cert.pem -noout -subject -nameopt RFC2253` =~ s/^subject=//r;
+my $ee_i = `openssl x509 -in t/certs/test0.cert.pem -noout -issuer -nameopt RFC2253` =~ s/^issuer=//r;
+my $pr_s = `openssl x509 -in t/certs/0.cert.pem -noout -subject -nameopt RFC2253` =~ s/^subject=//r;
+my $pr_i = `openssl x509 -in t/certs/0.cert.pem -noout -issuer -nameopt RFC2253` =~ s/^issuer=//r;
+"$ee_s$ee_i$pr_s$pr_i";
+--- error_code: 200
--- a/t/eec_chain.t
+++ b/t/eec_chain.t
--- a/t/eec_subject.t
+++ b/t/eec_subject.t
--- a/t/eec_subject2.t
+++ b/t/eec_subject2.t
--- a/t/eec_subject3.t
+++ b/t/eec_subject3.t
--- a/t/encoding.t
+++ b/t/encoding.t
--- a/t/expired.t
+++ b/t/expired.t
--- a/t/expired_ac.t
+++ b/t/expired_ac.t
--- a/t/no_ac.t
+++ b/t/no_ac.t
--- a/t/no_ssl.t
+++ b/t/no_ssl.t
--- a/t/no_ta.t
+++ b/t/no_ta.t
--- a/t/openssl.conf
+++ b/t/openssl.conf
+# SPDX-FileCopyrightText: 2018 Istituto Nazionale di Fisica Nucleare
+#
+# SPDX-License-Identifier: EUPL-1.2
+config_diagnostics     = 1
+[ ca ]
+default_ca             = ${ENV::CA_NAME}
+.include conf.d
--- a/t/proxies.d/1.conf
+++ b/t/proxies.d/1.conf
--- a/t/proxies.d/2.conf
+++ b/t/proxies.d/2.conf
--- a/t/proxies.d/3.conf
+++ b/t/proxies.d/3.conf
--- a/t/proxies.d/4.conf
+++ b/t/proxies.d/4.conf
--- a/t/proxies.d/5.conf
+++ b/t/proxies.d/5.conf
--- a/t/setup.sh
+++ b/t/setup.sh
No results found