ignore querystring while dispatching

Signed-off-by: johnson <10619522-OnFIs@users.noreply.gitlab.com>

tests/Makefile.am

@@ -44,7 +44,8 @@ EXTRA_DIST = certs/ca-key.pem certs/ca.pem ns.sh common.sh certs/server-cert.pem
 	data/disconnect-user2.config data/ping-leases.config data/haproxy-proxyproto.config \
 	data/haproxy-proxyproto.cfg scripts/proxy-connectscript data/haproxy-proxyproto-v1.config \
 	data/haproxy-proxyproto-v1.cfg scripts/proxy-connectscript-v1 data/test-multiple-client-ip.config \
-	data/test-client-bypass-protocol.config asan.supp
+	data/test-client-bypass-protocol.config asan.supp certs/ca.tmpl certs/server-cert.tmpl \
+	certs/user-cert.tmpl data/test-camouflage.config data/test-camouflage-norealm.config
 
 xfail_scripts =
 dist_check_SCRIPTS =  ocpasswd-test
@@ -61,7 +62,8 @@ dist_check_SCRIPTS += haproxy-connect test-iroute test-multi-cookie test-pass-sc
 	test-cookie-invalidation test-user-config test-append-routes test-ban \
 	multiple-routes json test-udp-listen-host test-max-same-1 test-script-multi-user \
 	apple-ios ipv6-iface test-namespace-listen disconnect-user disconnect-user2 \
-	ping-leases test-ban-local test-client-bypass-protocol ipv6-small-net
+	ping-leases test-ban-local test-client-bypass-protocol ipv6-small-net test-camouflage \
+	test-camouflage-norealm
 
 if RADIUS_ENABLED
 dist_check_SCRIPTS += radius-group radius-otp
@@ -92,7 +94,7 @@ dist_check_SCRIPTS += test-pass test-pass-cert test-cert test-group-pass \
 	test-gssapi test-pass-opt-cert test-cert-opt-pass test-gssapi-opt-pass \
 	test-gssapi-opt-cert haproxy-auth test-maintenance resumption \
 	test-group-name flowcontrol banner invalid-configs haproxy-proxyproto \
-	haproxy-proxyproto-v1 drain-server drain-server-fail
+	haproxy-proxyproto-v1 drain-server drain-server-fail test-ignore-querystring-of-post
 
 if HAVE_CWRAP_PAM
 dist_check_SCRIPTS += test-pam test-pam-noauth
@@ -176,6 +178,25 @@ gen_oidc_test_data_CPPFLAGS = $(AM_CPPFLAGS)
 gen_oidc_test_data_SOURCES = generate_oidc_test_data.c
 gen_oidc_test_data_LDADD = $(LDADD) $(CJOSE_LIBS) $(JANSSON_LIBS)
 
+certs/ca.pem: certs/ca-key.pem certs/ca.tmpl
+	certtool --generate-self-signed --template certs/ca.tmpl --load-privkey certs/ca-key.pem --outfile certs/ca.pem
+
+certs/server-cert-ca.pem: certs/ca.pem certs/server-cert.pem
+	cat certs/server-cert.pem certs/ca.pem > certs/server-cert-ca.pem
+
+certs/server-cert.pem: certs/server-cert.tmpl certs/ca.pem certs/server-key.pem certs/ca-key.pem
+	certtool --generate-certificate --template certs/server-cert.tmpl --load-privkey certs/server-key.pem --load-ca-certificate certs/ca.pem --load-ca-privkey certs/ca-key.pem --outfile certs/server-cert.pem
+
+certs/user-cert.pem: certs/user-cert.tmpl certs/ca.pem certs/user-key.pem certs/ca-key.pem
+	certtool --generate-certificate --template certs/user-cert.tmpl --load-privkey certs/user-key.pem --load-ca-certificate certs/ca.pem --load-ca-privkey certs/ca-key.pem --outfile certs/user-cert.pem
+
+# make the user certificate invalid by signing it with another CA
+certs/user-cert-invalid.pem: certs/user-cert.tmpl
+	certtool --generate-privkey --outfile ca-key.tmp
+	certtool --generate-self-signed --template certs/ca.tmpl --load-privkey ca-key.tmp --outfile ca.tmp
+	certtool --generate-certificate --template certs/user-cert.tmpl --load-privkey certs/user-key.pem --load-ca-certificate ca.tmp --load-ca-privkey ca-key.tmp --outfile certs/user-cert-invalid.pem
+	rm -f ca-key.tmp ca.tmp
+
 if ENABLE_OIDC_AUTH_TESTS
 check_PROGRAMS += gen_oidc_test_data
 dist_check_SCRIPTS += test-oidc