diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 21:12:02 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 21:12:02 +0000 |
commit | 77e50caaf2ef81cd91075cf836fed0e75718ffb4 (patch) | |
tree | 53b7b411290b63192fc9e924a3b6b65cdf67e9d0 /debian/vendor-h2o/t/90live-fetch-ocsp-response.t | |
parent | Adding upstream version 1.8.3. (diff) | |
download | dnsdist-77e50caaf2ef81cd91075cf836fed0e75718ffb4.tar.xz dnsdist-77e50caaf2ef81cd91075cf836fed0e75718ffb4.zip |
Adding debian version 1.8.3-2.debian/1.8.3-2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | debian/vendor-h2o/t/90live-fetch-ocsp-response.t | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/debian/vendor-h2o/t/90live-fetch-ocsp-response.t b/debian/vendor-h2o/t/90live-fetch-ocsp-response.t new file mode 100644 index 0000000..112098d --- /dev/null +++ b/debian/vendor-h2o/t/90live-fetch-ocsp-response.t @@ -0,0 +1,50 @@ +use strict; +use warnings; +use File::Temp qw(tempfile); +use Test::More; + +plan skip_all => "skipping live tests (setenv LIVE_TESTS=1 to run them)" + unless $ENV{LIVE_TESTS}; + +my @HOSTS = qw( + www.verisign.com + www.thawte.com + www.cybertrust.ne.jp + www.comodo.com + www.godaddy.com + www.startssl.com +); + +for my $host (@HOSTS) { + subtest $host => sub { + doit($host); + }; +} + +done_testing; + +sub doit { + my $host = shift; + my $input = do { + open my $fh, "-|", "openssl s_client -showcerts -host $host -port 443 -CAfile /dev/null < /dev/null 2>&1" + or die "failed to invoke openssl:$!"; + local $/; + <$fh>; + }; + my @certs; + while ($input =~ /(-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----)/sg) { + push @certs, $1; + } + ok @certs >= 2, "chain has more than 2 certificates"; + + my ($cert_fh, $cert_fn) = tempfile(UNLINK => 1); + print $cert_fh join "\n", @certs; + close $cert_fh; + + my $ret = system("share/h2o/fetch-ocsp-response $cert_fn > /dev/null"); + if ($ret == 0) { + pass "successfully fetched and verified OCSP response"; + } else { + fail "fetch-ocsp-response exitted with status:$?"; + } +} |