diff options
author | Omar Polo <op@omarpolo.com> | 2022-01-03 13:31:34 +0000 |
---|---|---|
committer | Omar Polo <op@omarpolo.com> | 2022-01-03 13:31:34 +0000 |
commit | 92a9f41d3d4633cc8afbcef12d2dbd3743ac300d (patch) | |
tree | f22f0f14a37e316bbd1591ff9895b40e276e21ff /regress | |
parent | 7b7def0a8fb95c10840d697aad3f4ad008e46f4b (diff) |
add set_proxy to simplify testing + more checks in test_proxy_with_certs
Diffstat (limited to 'regress')
-rw-r--r-- | regress/lib.sh | 18 | ||||
-rw-r--r-- | regress/tests.sh | 53 |
2 files changed, 49 insertions, 22 deletions
diff --git a/regress/lib.sh b/regress/lib.sh index b0b6f0e..735a96f 100644 --- a/regress/lib.sh +++ b/regress/lib.sh @@ -63,6 +63,24 @@ EOF fi } +set_proxy() { + cat <<EOF >>reg.conf +server "localhost.local" { + cert "$PWD/cert.pem" + key "$PWD/key.pem" + proxy { + relay-to "localhost:$port" + $1 + } +} +EOF + + if ! checkconf; then + echo "failed to parse the config" >&2 + return 1 + fi +} + checkconf() { if ! $gmid -n -c reg.conf >/dev/null 2>&1; then $gmid -n -c reg.conf diff --git a/regress/tests.sh b/regress/tests.sh index 564145e..398c458 100644 --- a/regress/tests.sh +++ b/regress/tests.sh @@ -316,14 +316,8 @@ test_174_bugfix() { test_proxy_relay_to() { gen_config '' '' - # append config for second host - cat <<EOF >> reg.conf -server "localhost.local" { - cert "$PWD/cert.pem" - key "$PWD/key.pem" - proxy { relay-to "localhost:$port" } -} -EOF + set_proxy '' + run ggflags="-P localhost:$port -H localhost.local" @@ -333,23 +327,38 @@ EOF } test_proxy_with_certs() { + ggflags="-P localhost:$port -H localhost.local" + + # first test using the valid keys + gen_config '' 'require client ca "'$PWD'/testca.pem"' - # append config for second host - cat <<EOF >> reg.conf -server "localhost.local" { - cert "$PWD/cert.pem" - key "$PWD/key.pem" - proxy { - relay-to "localhost:$port" - cert "$PWD/valid.crt" - key "$PWD/valid.key" - } -} -EOF + set_proxy " + cert \"$PWD/valid.crt\" + key \"$PWD/valid.key\" + " run - ggflags="-P localhost:$port -H localhost.local" + fetch / + check_reply "20 text/gemini" "# hello world" || return 1 + + # then using some invalid keys + + gen_config '' 'require client ca "'$PWD'/testca.pem"' + set_proxy " + cert \"$PWD/invalid.cert.pem\" + key \"$PWD/invalid.key.pem\" + " + run fetch / - check_reply "20 text/gemini" "# hello world" + check_reply "61 certificate not authorised" || return 1 + + # and finally without keys + + gen_config '' 'require client ca "'$PWD'/testca.pem"' + set_proxy '' + run + + fetch / + check_reply "60 client certificate required" || return 1 } |