From 02be96c6ddfc34e448cccd095b4f3d0efe4de8a3 Mon Sep 17 00:00:00 2001
From: Omar Polo
Date: Tue, 9 Feb 2021 22:30:04 +0000
Subject: add `require client ca' rule to require certs signed by a CA
---
 regress/runtime | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)
(limited to 'regress/runtime')
diff --git a/regress/runtime b/regress/runtime
index 1c991b3..a05184a 100755
--- a/regress/runtime
+++ b/regress/runtime
@@ -2,6 +2,8 @@
 set -e
+ggflags=
+
 # usage: config
 # generates a configuration file reg.conf
 config() {
@@ -25,19 +27,19 @@ checkconf() {
 # usage: get
 # return the body of the request on stdout
 get() {
- ./../gg -b "gemini://localhost:10965/$1"
+ ./../gg -b $ggflags "gemini://localhost:10965/$1"
 }
 # usage: head
 # return the meta response line on stdout
 head() {
- ./../gg -h "gemini://localhost:10965/$1"
+ ./../gg -h $ggflags "gemini://localhost:10965/$1"
 }
 # usage: raw
 # return both header and body
 raw() {
- ./../gg "gemini://localhost:10965/$1"
+ ./../gg $ggflags "gemini://localhost:10965/$1"
 }
 run() {
@@ -276,4 +278,23 @@ eq "$(head /foo/bar)" "20 text/plain; lang=en" "Unknown head for /foo/bar"
 eq "$(get /foo/bar|grep PATH_INFO)" "PATH_INFO=/foo/bar" "Unexpected PATH_INFO"
 echo OK GET /foo/bar with entrypoint
+# test with require ca
+
+config '' 'require client ca "'$PWD'/testca.pem"'
+checkconf
+restart
+
+eq "$(head /)" "60 client certificate required" "Unexpected head for /"
+echo OK GET / without client certificate
+
+ggflags="-C valid.crt -K valid.key"
+eq "$(head /)" "20 text/gemini" "Unexpected head for /"
+echo OK GET / with valid client certificate
+
+ggflags="-C invalid.cert.pem -K invalid.key.pem"
+eq "$(head /)" "61 certificate not authorised" "Unexpected head for /"
+echo OK GET / with invalid client certificate
+
+ggflags=''
+
 quit
-- 
cgit v1.2.3
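Review bot: `$ggflags` is expanded unquoted in `get`, `head` and `raw`, so the helpers rely on word splitting to turn one string into separate `gg` options, and nothing in the hunk says that this is deliberate. A comment beside the expansion, for example `# $ggflags is left unquoted on purpose: it must split into separate options`, would stop a later cleanup from quoting it and passing `-C valid.crt -K valid.key` to `gg` as a single argument. The same splitting means a certificate or key path containing whitespace or glob characters cannot be passed through this variable, which is worth stating in that comment too.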
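Review bot: In the `config` call that opens the new `require client ca` block, `$PWD` sits between the two single-quoted segments and is therefore unquoted, so a checkout path containing whitespace or glob characters is split into several arguments before `config` sees it; `config '' "require client ca \"$PWD/testca.pem\""` keeps the rule in one argument. Separately, the only rejection case is `invalid.cert.pem`, and nothing visible here says what makes it invalid (presumably it is not signed by `testca.pem`). A one-line comment stating that would make clear which failure the `61 certificate not authorised` assertion actually pins down. If the fixtures allow it, a second negative case, such as an expired certificate issued by the test CA, would cover a path this block leaves untested.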