mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-10 08:46:58 +08:00
tests: added check for cert handler validity
This commit is contained in:
Nikos Mavrogiannopoulos
@@ -30,7 +30,7 @@ dist_check_SCRIPTS = test-iroute test-pass-script \
|
||||
if HAVE_CWRAP
|
||||
dist_check_SCRIPTS += test-pass test-pass-cert test-cert test-group-pass \
|
||||
test-pass-group-cert test-pass-group-cert-no-pass test-sighup \
|
||||
test-enc-key test-sighup-key-change
|
||||
test-enc-key test-sighup-key-change test-get-cert
|
||||
endif
|
||||
|
||||
AM_CPPFLAGS += \
|
||||
|
||||
68
tests/test-get-cert
Executable file
68
tests/test-get-cert
Executable file
@@ -0,0 +1,68 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (C) 2013 Nikos Mavrogiannopoulos
|
||||
#
|
||||
# This file is part of ocserv.
|
||||
#
|
||||
# ocserv is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU General Public License as published by the
|
||||
# Free Software Foundation; either version 2 of the License, or (at
|
||||
# your option) any later version.
|
||||
#
|
||||
# ocserv is distributed in the hope that it will be useful, but
|
||||
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
# General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with GnuTLS; if not, write to the Free Software Foundation,
|
||||
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
|
||||
SERV="${SERV:-../src/ocserv}"
|
||||
srcdir=${srcdir:-.}
|
||||
NO_NEED_ROOT=1
|
||||
PORT=4445
|
||||
|
||||
TMPFILE=getcert.$$.tmp
|
||||
TMPFILE2=getcert2.$$.tmp
|
||||
|
||||
. `dirname $0`/common.sh
|
||||
|
||||
echo "Testing ocserv certificate GET handlers... "
|
||||
|
||||
update_config test-user-cert.config
|
||||
launch_simple_sr_server -d 1 -f -c ${CONFIG}
|
||||
PID=$!
|
||||
|
||||
wait_server $PID
|
||||
|
||||
echo -n "Connecting to GET PEM certificate... "
|
||||
( LD_PRELOAD=libsocket_wrapper.so curl https://$ADDRESS:$PORT/cert.pem --insecure > $TMPFILE 2>/dev/null ) ||
|
||||
fail $PID "Could not get certificate!"
|
||||
|
||||
cmp $TMPFILE "${srcdir}/server-cert.pem"
|
||||
if test $? != 0;then
|
||||
fail $PID "failed, certs not match"
|
||||
fi
|
||||
|
||||
echo "ok"
|
||||
|
||||
echo -n "Connecting to GET DER certificate... "
|
||||
( LD_PRELOAD=libsocket_wrapper.so curl https://$ADDRESS:$PORT/cert.cer --insecure > $TMPFILE 2>/dev/null ) ||
|
||||
fail $PID "Could not get DER certificate!"
|
||||
|
||||
certtool --inder -i <"$TMPFILE" >$TMPFILE2
|
||||
certtool -i <"${srcdir}/server-cert.pem" >$TMPFILE
|
||||
cmp "$TMPFILE" "$TMPFILE2"
|
||||
if test $? != 0;then
|
||||
fail $PID "failed, certs not match"
|
||||
fi
|
||||
|
||||
echo "ok"
|
||||
|
||||
|
||||
cleanup
|
||||
|
||||
rm -f "$TMPFILE" "$TMPFILE2"
|
||||
|
||||
exit 0
|
||||
Reference in New Issue
Block a user