Skip to content
Snippets Groups Projects
Commit 1ff40e23 authored by Nicholas Terranova's avatar Nicholas Terranova
Browse files

t/no_ta.t and t/untrusted_ac.t amended

parent d1bbdff6
No related branches found
No related tags found
No related merge requests found
......@@ -5,7 +5,7 @@ run_tests();
__DATA__
=== TEST 1: Valid proxy, wrong client certificate trust-anchor
=== TEST 1: Valid proxy, wrong client trust-anchor
--- main_config
env OPENSSL_ALLOW_PROXY_CERTS=1;
env X509_VOMS_DIR=t/vomsdir;
......@@ -34,35 +34,4 @@ __DATA__
GET /
--- error_code: 400
=== TEST 2: Valid proxy, wrong VOMS trust-anchor
--- main_config
env OPENSSL_ALLOW_PROXY_CERTS=1;
env X509_VOMS_DIR=t/vomsdir;
env X509_CERT_DIR=t/test-trust-anchors;
--- http_config
server {
error_log logs/error.log debug;
listen 8443 ssl;
ssl_certificate ../../certs/nginx_voms_example.cert.pem;
ssl_certificate_key ../../certs/nginx_voms_example.key.pem;
ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
ssl_verify_depth 10;
ssl_verify_client on;
location = / {
default_type text/plain;
echo $voms_fqans;
}
}
--- config
location = / {
proxy_pass https://localhost:8443/;
proxy_ssl_certificate ../../certs/3.cert.pem;
proxy_ssl_certificate_key ../../certs/3.key.pem;
}
--- request
GET /
--- error_log
Cannot verify AC signature
--- error_code: 200
......@@ -5,7 +5,7 @@ run_tests();
__DATA__
=== TEST 1: https with x509 client authentication, untrusted AC signature
=== TEST 1: https with x509 client authentication, untrusted AC signature LSC missing
--- main_config
env OPENSSL_ALLOW_PROXY_CERTS=1;
env X509_VOMS_DIR=t/vomsdir;
......@@ -32,6 +32,42 @@ __DATA__
}
--- request
GET /
--- response_body_like eval
qr/\n/
--- error_log
Cannot verify AC signature
--- error_code: 200
=== TEST 2: Valid proxy, VOMS trust-anchor missing
--- main_config
env OPENSSL_ALLOW_PROXY_CERTS=1;
env X509_VOMS_DIR=t/vomsdir;
env X509_CERT_DIR=t;
--- http_config
server {
error_log logs/error.log debug;
listen 8443 ssl;
ssl_certificate ../../certs/nginx_voms_example.cert.pem;
ssl_certificate_key ../../certs/nginx_voms_example.key.pem;
ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
ssl_verify_depth 10;
ssl_verify_client on;
location = / {
default_type text/plain;
echo $voms_fqans;
}
}
--- config
location = / {
proxy_pass https://localhost:8443/;
proxy_ssl_certificate ../../certs/3.cert.pem;
proxy_ssl_certificate_key ../../certs/3.key.pem;
}
--- request
GET /
--- response_body_like eval
qr/\n/
--- error_log
Cannot verify AC signature
--- error_code: 200
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment