wget/tests/Test-https-clientcert.px

108 lines
3.2 KiB
Plaintext
Raw Normal View History

2022-05-14 03:18:11 +08:00
#!/usr/bin/env -S perl -I .
use strict;
use warnings;
use Socket;
use WgetFeature qw(https);
use SSLTest;
###############################################################################
# code, msg, headers, content
my %urls = (
'/somefile.txt' => {
code => "200",
msg => "Dontcare",
headers => {
"Content-type" => "text/plain",
},
content => "blabla",
},
);
my $srcdir;
if (@ARGV) {
$srcdir = shift @ARGV;
} elsif (defined $ENV{srcdir}) {
$srcdir = $ENV{srcdir};
}
$srcdir = Cwd::abs_path("$srcdir");
# HOSTALIASES env variable allows us to create hosts file alias.
my $testhostname = "WgetTestingServer";
$ENV{'HOSTALIASES'} = "$srcdir/certs/wgethosts";
my $addr = gethostbyname($testhostname);
unless ($addr)
{
warn "Failed to resolve $testhostname, using $srcdir/certs/wgethosts\n";
exit 77;
}
unless (inet_ntoa($addr) =~ "127.0.0.1")
{
warn "Unexpected IP for localhost: ".inet_ntoa($addr)."\n";
exit 77;
}
my $cacrt = "$srcdir/certs/test-ca-cert.pem";
#my $cakey = "$srcdir/certs/test-ca-key.pem";
# Prepare server certificate
my $servercrt = "$srcdir/certs/server-cert.pem";
my $serverkey = "$srcdir/certs/server-key.pem";
# Use client certificate
my $clientcert = "$srcdir/certs/client-cert.pem";
my $clientkey = "$srcdir/certs/client-key.pem";
# Try Wget using SSL with mismatched client cert & key . Expect error
my $port = 21443;
my $cmdline = $WgetTest::WGETPATH . " --certificate=$clientcert ".
" --private-key=$serverkey ".
" --ca-certificate=$cacrt".
" https://$testhostname:$port/somefile.txt";
my $expected_error_code = 5;
my %existing_files = (
);
my %expected_downloaded_files = (
'somefile.txt' => {
content => "blabla",
},
);
my $sslsock = SSLTest->new(cmdline => $cmdline,
input => \%urls,
errcode => $expected_error_code,
existing => \%existing_files,
output => \%expected_downloaded_files,
certfile => $servercrt,
keyfile => $serverkey,
lhostname => $testhostname,
sslport => $port);
if ($sslsock->run() == 0)
{
exit 0;
}
# Retry wget using SSL with client certificate. Expect success
$port = 22443;
$cmdline = $WgetTest::WGETPATH . " --certificate=$clientcert".
" --private-key=$clientkey ".
" --ca-certificate=$cacrt".
" https://$testhostname:$port/somefile.txt";
$expected_error_code = 0;
my $retryssl = SSLTest->new(cmdline => $cmdline,
input => \%urls,
errcode => $expected_error_code,
existing => \%existing_files,
output => \%expected_downloaded_files,
certfile => $servercrt,
keyfile => $serverkey,
lhostname => $testhostname,
sslport => $port);
exit $retryssl->run();
# vim: et ts=4 sw=4