blob: 112098dfa16729a3fbe23938a831005028e10f2f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
use strict;
use warnings;
use File::Temp qw(tempfile);
use Test::More;
plan skip_all => "skipping live tests (setenv LIVE_TESTS=1 to run them)"
unless $ENV{LIVE_TESTS};
my @HOSTS = qw(
www.verisign.com
www.thawte.com
www.cybertrust.ne.jp
www.comodo.com
www.godaddy.com
www.startssl.com
);
for my $host (@HOSTS) {
subtest $host => sub {
doit($host);
};
}
done_testing;
sub doit {
my $host = shift;
my $input = do {
open my $fh, "-|", "openssl s_client -showcerts -host $host -port 443 -CAfile /dev/null < /dev/null 2>&1"
or die "failed to invoke openssl:$!";
local $/;
<$fh>;
};
my @certs;
while ($input =~ /(-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----)/sg) {
push @certs, $1;
}
ok @certs >= 2, "chain has more than 2 certificates";
my ($cert_fh, $cert_fn) = tempfile(UNLINK => 1);
print $cert_fh join "\n", @certs;
close $cert_fh;
my $ret = system("share/h2o/fetch-ocsp-response $cert_fn > /dev/null");
if ($ret == 0) {
pass "successfully fetched and verified OCSP response";
} else {
fail "fetch-ocsp-response exitted with status:$?";
}
}
|
