mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-03-27 07:18:04 +08:00
tests: enhanced test-pass-cert with various other certificate types
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
This commit is contained in:
Nikos Mavrogiannopoulos
21
tests/certs/user-cert-no-uid.pem
Normal file
21
tests/certs/user-cert-no-uid.pem
Normal file
@@ -0,0 +1,21 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDcTCCAimgAwIBAgIEUdgvGDANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDEwJD
|
||||
QTAgFw0xMzA2MDYxMjUxMjlaGA85OTk5MTIzMTIzNTk1OVowDzENMAsGA1UEAxME
|
||||
dGVzdDCCAVIwDQYJKoZIhvcNAQEBBQADggE/ADCCAToCggExAKtUmPypxhWVnabB
|
||||
lISUkXkeeNstSFGZZQECwEBSSV3rcLwm72g5HgSR4tvLb5NARR4ijnFaWIkoeV4a
|
||||
MiU+i507NH8Z+NAvN7diMrdTpUMsxV3srPk1+hQrNGbx1qeh0IOaVvQZg7y/EXQw
|
||||
LagoW6KresbNnFz4UempDEjbcbuxNHf37t5deMBICjcNZR47KxQDiXLyUu1fAMUG
|
||||
YOqAINBD7Ga80ibb8Ck+avliIL5YJkS614xvdqYFIOSYt8Ryel3fTw0j7C6cceww
|
||||
+RRfyHULq2f2fftNdmRKpdX6tAhQnRPHj8J5sLQ+L4nTMydNn4vTYCQHq7JyPSml
|
||||
xErsPATSST4mG+x6ED3KRVqAi00qlmNPLWMoDztHR8p8LBVBMtXgyb6lVSyza0Yq
|
||||
VrEb7SkCAwEAAaN1MHMwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcD
|
||||
AjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0OBBYEFIsBCUs7kezjIbkd7I1rTF2eQIBe
|
||||
MB8GA1UdIwQYMBaAFEgjNFMKiTE4SlrqyrbSpt7OHSsYMA0GCSqGSIb3DQEBCwUA
|
||||
A4IBMQBlpDoz9srC2Z3u8womPq3/fUh6p26B//LiB9gWdQLsQBJcexa2rcKorrVC
|
||||
q1w4QM2F639RweG96HXr/pflRBtrLoxNIc7i4NB5Plq8xs3L1quywKdQhaJaHU8g
|
||||
8FBXRW7g9RL1PqPmffK2g25nPAbWUs0zHviSVKH1e/ZKewzGhNnoCliCnUuRm2Gp
|
||||
Ox+kAvC1bvj4Lx/QpQG/BR+Ual3X3nA3sTiRncfe10bSw4tTbD1XNSDHnrZBYT1X
|
||||
AxhrfNWm/niI42d0V056ZyBbrQby6PBSnp8PyvtMXTqzkqw8At7cxkElbMesvNHu
|
||||
3h6Hh6v7BCVj0kvu5NTfFtLJsVFANRGF7R2fLkIKDaUbkN50stiNZj41OTHp2db7
|
||||
qeN5jJm6zTU6t/uhBAKpgYmweuFo
|
||||
-----END CERTIFICATE-----
|
||||
7
tests/certs/user-cert-no-uid.tmpl
Normal file
7
tests/certs/user-cert-no-uid.tmpl
Normal file
@@ -0,0 +1,7 @@
|
||||
dn = "cn=test"
|
||||
tls_www_client
|
||||
signing_key
|
||||
encryption_key
|
||||
expiration_days = -1
|
||||
activation_date = "2013-06-06 14:51:29"
|
||||
serial = 0x51d82f18
|
||||
22
tests/certs/user-cert-uid-other.pem
Normal file
22
tests/certs/user-cert-uid-other.pem
Normal file
@@ -0,0 +1,22 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDjjCCAkagAwIBAgIEUdgvFzANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDEwJD
|
||||
QTAgFw0xMzA2MDYxMjUxMjlaGA85OTk5MTIzMTIzNTk1OVowLDEPMA0GA1UEAxMG
|
||||
QSB1c2VyMRkwFwYKCZImiZPyLGQBARMJb3RoZXJ1c2VyMIIBUjANBgkqhkiG9w0B
|
||||
AQEFAAOCAT8AMIIBOgKCATEAq1SY/KnGFZWdpsGUhJSReR542y1IUZllAQLAQFJJ
|
||||
XetwvCbvaDkeBJHi28tvk0BFHiKOcVpYiSh5XhoyJT6LnTs0fxn40C83t2Iyt1Ol
|
||||
QyzFXeys+TX6FCs0ZvHWp6HQg5pW9BmDvL8RdDAtqChboqt6xs2cXPhR6akMSNtx
|
||||
u7E0d/fu3l14wEgKNw1lHjsrFAOJcvJS7V8AxQZg6oAg0EPsZrzSJtvwKT5q+WIg
|
||||
vlgmRLrXjG92pgUg5Ji3xHJ6Xd9PDSPsLpxx7DD5FF/IdQurZ/Z9+012ZEql1fq0
|
||||
CFCdE8ePwnmwtD4vidMzJ02fi9NgJAersnI9KaXESuw8BNJJPiYb7HoQPcpFWoCL
|
||||
TSqWY08tYygPO0dHynwsFUEy1eDJvqVVLLNrRipWsRvtKQIDAQABo3UwczAMBgNV
|
||||
HRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDAd
|
||||
BgNVHQ4EFgQUiwEJSzuR7OMhuR3sjWtMXZ5AgF4wHwYDVR0jBBgwFoAUSCM0UwqJ
|
||||
MThKWurKttKm3s4dKxgwDQYJKoZIhvcNAQELBQADggExAI+zxEuTdWooR3HdFgQQ
|
||||
UbC4ei/Jh8T8Pa6kcuHRPsr6Z+zMJpTEiNW/X5tOfaRIkykn9mXtHvy7s77lfQqC
|
||||
BaM2TxnNwARlm3amVHo/cZBlaact+Z7gSbcPYk9ZbjOc6MEa4WG/iwpF3kTehCX8
|
||||
hAXI7rrSz0xDmKPoqdnBXg9v3uim2fM7Mzrf18Y7iwlv+fUjK7hLDChS8IeIq/sw
|
||||
SlGr2LkJ5bwvS3Ti4Nrpi9VhscQhhFmChBld8MkBB0C/Y0XSZEEyG0lAol+OZiSl
|
||||
8vutB/JfDN2dAIjDYA/1YSQCvEnzbRHahgBK8QAfP9NK3TF/sCjwN8USZG+zJgGf
|
||||
sg5vpm8kY9NdLqSfPUmIk8ZWYh1fWfVsQTH+Z1VGYKurwhgUdgd2/Hf4zHUpIpV1
|
||||
3bQ=
|
||||
-----END CERTIFICATE-----
|
||||
7
tests/certs/user-cert-uid-other.tmpl
Normal file
7
tests/certs/user-cert-uid-other.tmpl
Normal file
@@ -0,0 +1,7 @@
|
||||
dn = "uid=otheruser,cn=A user"
|
||||
tls_www_client
|
||||
signing_key
|
||||
encryption_key
|
||||
expiration_days = -1
|
||||
activation_date = "2013-06-06 14:51:29"
|
||||
serial = 0x51d82f17
|
||||
@@ -51,10 +51,17 @@ echo -n "Connecting to obtain cookie (with incorrect certificate)... "
|
||||
|
||||
echo ok
|
||||
|
||||
echo -n "Connecting to obtain cookie (with certificate with different UID OID)... "
|
||||
( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT --sslkey ${srcdir}/certs/user-key.pem -c ${srcdir}/certs/user-cert-uid-other.pem -u test --servercert=pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8= --cookieonly >/dev/null 2>&1 ) &&
|
||||
fail $PID "Should not have connected with certificate for a different user!"
|
||||
|
||||
#echo "Normal connection... "
|
||||
#( echo "test" | $OPENCONNECT -q $ADDRESS:$PORT -u test --servercert=pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8= --script=/bin/true ) ||
|
||||
# fail $PID "Could not connect to server"
|
||||
echo ok
|
||||
|
||||
echo -n "Connecting to obtain cookie (with certificate without UID OID)... "
|
||||
( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT --sslkey ${srcdir}/certs/user-key.pem -c ${srcdir}/certs/user-cert-no-uid.pem -u test --servercert=pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8= --cookieonly >/dev/null 2>&1 ) &&
|
||||
fail $PID "Should not have connected with certificate lacking UID OID!"
|
||||
|
||||
echo ok
|
||||
|
||||
cleanup
|
||||
|
||||
|
||||
Reference in New Issue
Block a user