dougm 01/12/14 00:55:38
Modified: perl-framework/t/conf/ssl ssl.conf.in
perl-framework/t/ssl env.t varlookup.t
Log:
integrate with new Apache::TestSSLCA module
Revision Changes Path
1.13 +6 -6 httpd-test/perl-framework/t/conf/ssl/ssl.conf.in
Index: ssl.conf.in
===================================================================
RCS file: /home/cvs/httpd-test/perl-framework/t/conf/ssl/ssl.conf.in,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- ssl.conf.in 2001/11/17 02:13:02 1.12
+++ ssl.conf.in 2001/12/14 08:55:38 1.13
@@ -27,15 +27,15 @@
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
- SSLCertificateFile @ServerRoot@/conf/ssl/certs/server.crt
+ SSLCertificateFile @SSLCA@/asf/certs/server.crt
- SSLCertificateKeyFile @ServerRoot@/conf/ssl/keys/server.pem
+ SSLCertificateKeyFile @SSLCA@/asf/keys/server.pem
- #SSLCertificateChainFile @ServerRoot@/conf/ssl/ca.crt
+ #SSLCertificateChainFile @SSLCA@/asf/certs/cachain.crt
- SSLCACertificateFile @ServerRoot@/conf/ssl/certs/ca-bundle.crt
+ SSLCACertificateFile @SSLCA@/asf/certs/cacert.crt
- SSLCARevocationFile @ServerRoot@/conf/ssl/crl/ca-bundle.crl
+ SSLCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl
<VirtualHost @ssl_module_name@>
SSLEngine on
@@ -90,7 +90,7 @@
SSLOptions +FakeBasicAuth
AuthName "Snake Oil Authentication"
AuthType Basic
- AuthUserFile @ServerRoot@/conf/ssl/ssl.htpasswd
+ AuthUserFile @SSLCA@/asf/ssl.htpasswd
require valid-user
</Location>
</IfModule>
1.4 +14 -23 httpd-test/perl-framework/t/ssl/env.t
Index: env.t
===================================================================
RCS file: /home/cvs/httpd-test/perl-framework/t/ssl/env.t,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- env.t 2001/08/25 18:36:03 1.3
+++ env.t 2001/12/14 08:55:38 1.4
@@ -3,42 +3,34 @@
use Apache::Test;
use Apache::TestRequest;
use Apache::TestConfig ();
+use Apache::TestSSLCA ();
-my %server_expect = (
- SSL_SERVER_I_DN_C => 'US',
- SSL_SERVER_I_DN_CN => 'localhost',
- SSL_SERVER_I_DN_L => 'San Francisco',
- SSL_SERVER_I_DN_O => 'httpd-test',
- SSL_SERVER_I_DN_ST => 'California',
-);
-
-my %client_expect = (
- SSL_CLIENT_S_DN_C => 'AU',
- SSL_CLIENT_S_DN_CN => 'localhost',
- SSL_CLIENT_S_DN_L => 'Mackay',
- SSL_CLIENT_S_DN_O => 'Snake Oil, Ltd.',
- SSL_CLIENT_S_DN_OU => 'Staff',
- SSL_CLIENT_S_DN_ST => 'Queensland',
-);
+my $cert = 'client_snakeoil';
+my $server_expect =
+ Apache::TestSSLCA::dn_vars('cacert', 'SERVER_I');
+
+my $client_expect =
+ Apache::TestSSLCA::dn_vars($cert, 'CLIENT_S');
+
my $url = '/ssl-cgi/env.pl';
-my $tests = (keys(%server_expect) + keys(%client_expect)) * 2;
+my $tests = (keys(%$server_expect) + keys(%$client_expect)) * 2;
plan tests => $tests, \&have_cgi;
Apache::TestRequest::scheme('https');
my $env = getenv(GET_STR($url));
-verify($env, \%server_expect);
-verify($env, \%client_expect, 1);
+verify($env, $server_expect);
+verify($env, $client_expect, 1);
$url = '/require-ssl-cgi/env.pl';
-$env = getenv(GET_STR($url, cert => 'client_snakeoil'));
+$env = getenv(GET_STR($url, cert => $cert));
-verify($env, \%server_expect);
-verify($env, \%client_expect);
+verify($env, $server_expect);
+verify($env, $client_expect);
sub verify {
my($env, $expect, $ne) = @_;
@@ -46,7 +38,6 @@
while (my($key, $val) = each %$expect) {
ok $ne ? not exists $env->{$key} : $env->{$key} eq $val;
}
-
}
sub getenv {
1.6 +28 -49 httpd-test/perl-framework/t/ssl/varlookup.t
Index: varlookup.t
===================================================================
RCS file: /home/cvs/httpd-test/perl-framework/t/ssl/varlookup.t,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- varlookup.t 2001/12/01 20:49:16 1.5
+++ varlookup.t 2001/12/14 08:55:38 1.6
@@ -4,6 +4,8 @@
use Apache::Test;
use Apache::TestRequest;
use Apache::TestUtil;
+use Apache::TestSSLCA qw(dn dn_oneline);
+
use Time::localtime;
my $config = Apache::Test::config();
@@ -19,34 +21,23 @@
my $url = '/test_ssl_var_lookup';
my(%lookup, @vars);
+
+my %client_dn = dn('client_ok');
+
+my $client_dn = dn_oneline(\%client_dn);
+
+my %client_i_dn = dn('cacert');
+
+my $client_i_dn = dn_oneline(\%client_i_dn);
+
+my %server_dn = dn('server');
-my %client_dn = (
- C => 'US',
- ST => 'California',
- L => 'San Francisco',
- O => 'ASF',
- OU => 'httpd-test',
- CN => 'client_ok',
-);
-
-my $client_dn = dn_string(\%client_dn);
-
-my %client_i_dn = %client_dn;
-$client_i_dn{CN} = 'localhost';
-my $client_i_dn = dn_string(\%client_i_dn);
-
-my %server_dn = (
- C => 'US',
- ST => 'California',
- L => 'San Francisco',
- O => 'httpd-test',
- CN => 'localhost',
-);
+my $server_dn = dn_oneline(\%server_dn);
-my $server_dn = dn_string(\%server_dn);
+my %server_i_dn = %client_i_dn;
+my $server_i_dn = $client_i_dn;
-my %server_i_dn = %server_dn;
-my $server_i_dn = dn_string(\%server_i_dn);
+my $cert_datefmt = '^\w{3} \d{2} \d{2}:\d{2}:\d{2} \d{4} GMT$';
while (<DATA>) {
chomp;
@@ -89,18 +80,6 @@
t_cmp($lookup{$key}, $str, "$key");
}
-sub dn_string {
- my($dn) = @_;
- my $string = "";
-
- for my $k (qw(C ST L O OU CN)) {
- next unless $dn->{$k};
- $string .= "/$k=$dn->{$k}";
- }
-
- $string;
-}
-
__END__
#http://www.modssl.org/docs/2.8/ssl_reference.html#ToC23
HTTP_USER_AGENT "libwww-perl/$LWP::VERSION",
@@ -148,18 +127,18 @@
ENV:THE_ARGS 'ENV:THE_ARGS'
#XXX: should use Net::SSLeay to parse the certs
-#rather than hardcode this data
-#as the test certs could change in the future
-SSL_CLIENT_M_VERSION '3'
-SSL_SERVER_M_VERSION '3'
-SSL_CLIENT_M_SERIAL '02'
-SSL_SERVER_M_SERIAL '01'
+#rather than just pattern match and hardcode
+
+SSL_CLIENT_M_VERSION qr(^\d+$)
+SSL_SERVER_M_VERSION qr(^\d+$)
+SSL_CLIENT_M_SERIAL qr(^\d+$)
+SSL_SERVER_M_SERIAL qr(^\d+$)
SSL_PROTOCOL 'TLSv1'
-SSL_CLIENT_V_START 'Aug 13 02:05:09 2001 GMT'
-SSL_SERVER_V_START 'Aug 11 20:52:30 2001 GMT'
+SSL_CLIENT_V_START qr($cert_datefmt);
+SSL_SERVER_V_START qr($cert_datefmt);
SSL_SESSION_ID
-SSL_CLIENT_V_END 'Aug 13 02:05:09 2002 GMT'
-SSL_SERVER_V_END 'Aug 11 20:52:30 2002 GMT'
+SSL_CLIENT_V_END qr($cert_datefmt);
+SSL_SERVER_V_END qr($cert_datefmt);
SSL_CIPHER 'EDH-RSA-DES-CBC3-SHA'
SSL_CIPHER_EXPORT 'false'
SSL_CIPHER_ALGKEYSIZE '168'
@@ -176,7 +155,7 @@
SSL_CLIENT_S_DN_O "$client_dn{O}"
SSL_SERVER_S_DN_O "$server_dn{O}"
SSL_CLIENT_S_DN_OU "$client_dn{OU}"
-SSL_SERVER_S_DN_OU
+SSL_SERVER_S_DN_OU "$server_dn{OU}"
SSL_CLIENT_S_DN_CN "$client_dn{CN}"
SSL_SERVER_S_DN_CN "$server_dn{CN}"
SSL_CLIENT_S_DN_T
@@ -205,7 +184,7 @@
SSL_CLIENT_I_DN_O "$client_i_dn{O}"
SSL_SERVER_I_DN_O "$server_i_dn{O}"
SSL_CLIENT_I_DN_OU "$client_i_dn{OU}"
-SSL_SERVER_I_DN_OU
+SSL_SERVER_I_DN_OU "$server_i_dn{OU}"
SSL_CLIENT_I_DN_CN "$client_i_dn{CN}"
SSL_SERVER_I_DN_CN "$server_i_dn{CN}"
SSL_CLIENT_I_DN_T
