From 4f0770f3df78ecd5dcaefbd214f7a1415366bca6 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 27 Apr 2024 08:33:51 +0200 Subject: Adding debian version 2.4.56-1~deb11u2. Signed-off-by: Daniel Baumann --- debian/perl-framework/t/ssl/require.t | 55 +++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 debian/perl-framework/t/ssl/require.t (limited to 'debian/perl-framework/t/ssl/require.t') diff --git a/debian/perl-framework/t/ssl/require.t b/debian/perl-framework/t/ssl/require.t new file mode 100644 index 0000000..2a218d4 --- /dev/null +++ b/debian/perl-framework/t/ssl/require.t @@ -0,0 +1,55 @@ +use strict; +use warnings FATAL => 'all'; + +use Apache::Test; +use Apache::TestRequest; + +#if keepalives are on, renegotiation not happen again once +#a client cert is presented. so on test #3, the cert from #2 +#will be used. this test scenerio would never +#happen in real-life, so just disable keepalives here. +Apache::TestRequest::user_agent_keepalive(0); + +my $sslrequire_oid_needed_version = '2.1.7'; +my $have_sslrequire_oid = have_min_apache_version($sslrequire_oid_needed_version); + +plan tests => 10, need_lwp; + +Apache::TestRequest::scheme('https'); + +my $url = '/require/asf/index.html'; + +ok GET_RC($url, cert => undef) != 200; + +ok GET_RC($url, cert => 'client_ok') == 200; + +ok GET_RC($url, cert => 'client_revoked') != 200; + +$url = '/require/snakeoil/index.html'; + +ok GET_RC($url, cert => 'client_ok') != 200; + +ok GET_RC($url, cert => 'client_snakeoil') == 200; + +ok GET_RC('/require/strcmp/index.html', cert => undef) == 200; + +ok GET_RC('/require/intcmp/index.html', cert => undef) == 200; + +if ($have_sslrequire_oid) { + + $url = '/require/certext/index.html'; + + ok GET_RC($url, cert => undef) != 200; + + if (!have_min_apache_version("2.4.0")) { + skip "not backported, see 2.2.19 vote thread for analysis"; + } + else { + ok GET_RC($url, cert => 'client_ok') == 200; + } + + ok GET_RC($url, cert => 'client_snakeoil') != 200; + +} else { + skip "skipping certificate extension test (httpd < $sslrequire_oid_needed_version)" foreach (1..3); +} -- cgit v1.2.3