summaryrefslogtreecommitdiffstats
path: root/debian/perl-framework/t/ssl/env.t
blob: 912a4dc948bfa43420bb491cf8a7bd9e02da9972 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

use strict;
use warnings FATAL => 'all';
use Apache::Test;
use Apache::TestUtil;
use Apache::TestRequest;
use Apache::TestConfig ();
use Apache::TestSSLCA ();

#if keepalives are on, renegotiation not happen again once
#a client cert is presented.
Apache::TestRequest::user_agent_keepalive(0);

my $cert = 'client_snakeoil';

my $server_expect =
  Apache::TestSSLCA::dn_vars('ca', 'SERVER_I');

my $client_expect =
  Apache::TestSSLCA::dn_vars($cert, 'CLIENT_S');

my $url = '/ssl-cgi/env.pl';

my $tests = (keys(%$server_expect) + keys(%$client_expect) + 1) * 2;
plan tests => $tests, need need_cgi, need_lwp;

Apache::TestRequest::scheme('https');

my $r = GET($url);

ok t_cmp($r->code, 200, "response status OK");

my $env = getenv($r->as_string);

verify($env, $server_expect);
verify($env, $client_expect, 1);

$url = '/require-ssl-cgi/env.pl';

$r = GET($url, cert => $cert);

ok t_cmp($r->code, 200, "second response status OK");

$env = getenv($r->as_string);

verify($env, $server_expect);
verify($env, $client_expect);

sub verify {
    my($env, $expect, $ne) = @_;

    while (my($key, $val) = each %$expect) {
        # the emailAddress attribute is still exported using the name
        # _DN_Email by mod_ssl, even when using OpenSSL 0.9.7.
        if ($key =~ /(.*)_emailAddress/) {
            $key = $1 . "_Email";
        }
        if (Apache::TestConfig::WIN32) {
            #perl uppercases all %ENV keys
            #which causes SSL_*_DN_Email lookups to fail
            $key = uc $key;
        }
        unless ($ne || $env->{$key}) {
            print "#$key does not exist\n";
            $env->{$key} = ""; #prevent use of unitialized value
        }
        if ($ne) {
            print "#$key should not exist\n";
            ok not exists $env->{$key};
        }
        else {
            print "#$key: expect '$val', got '$env->{$key}'\n";
            ok $env->{$key} eq $val;
        }
    }
}

sub getenv {
    my $str = shift;

    my %env;

    for my $line (split /[\r\n]+/, $str) {
        my($key, $val) = split /\s*=\s*/, $line, 2;
        next unless $key and $val;
        $env{$key} = $val;
    }

    \%env;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 23:40:34 +0000