From be1c7e50e1e8809ea56f2c9d472eccd8ffd73a97 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 04:57:58 +0200 Subject: Adding upstream version 1.44.3. Signed-off-by: Daniel Baumann --- .../h2o/libh2o/t/90live-fetch-ocsp-response.t | 50 ++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 web/server/h2o/libh2o/t/90live-fetch-ocsp-response.t (limited to 'web/server/h2o/libh2o/t/90live-fetch-ocsp-response.t') diff --git a/web/server/h2o/libh2o/t/90live-fetch-ocsp-response.t b/web/server/h2o/libh2o/t/90live-fetch-ocsp-response.t new file mode 100644 index 00000000..112098df --- /dev/null +++ b/web/server/h2o/libh2o/t/90live-fetch-ocsp-response.t @@ -0,0 +1,50 @@ +use strict; +use warnings; +use File::Temp qw(tempfile); +use Test::More; + +plan skip_all => "skipping live tests (setenv LIVE_TESTS=1 to run them)" + unless $ENV{LIVE_TESTS}; + +my @HOSTS = qw( + www.verisign.com + www.thawte.com + www.cybertrust.ne.jp + www.comodo.com + www.godaddy.com + www.startssl.com +); + +for my $host (@HOSTS) { + subtest $host => sub { + doit($host); + }; +} + +done_testing; + +sub doit { + my $host = shift; + my $input = do { + open my $fh, "-|", "openssl s_client -showcerts -host $host -port 443 -CAfile /dev/null < /dev/null 2>&1" + or die "failed to invoke openssl:$!"; + local $/; + <$fh>; + }; + my @certs; + while ($input =~ /(-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----)/sg) { + push @certs, $1; + } + ok @certs >= 2, "chain has more than 2 certificates"; + + my ($cert_fh, $cert_fn) = tempfile(UNLINK => 1); + print $cert_fh join "\n", @certs; + close $cert_fh; + + my $ret = system("share/h2o/fetch-ocsp-response $cert_fn > /dev/null"); + if ($ret == 0) { + pass "successfully fetched and verified OCSP response"; + } else { + fail "fetch-ocsp-response exitted with status:$?"; + } +} -- cgit v1.2.3