asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
|
Last change
on this file since 907ae8f was
907ae8f,
checked in by Thomas Klute <thomas2.klute@…>, 8 years ago
|
|
New test case: Proxy server detects revoked back end cert using CRL
The test case generates a CRL revoking the server certificate. Using
it as GnuTLSProxyCRLFile should cause the connection to the back end
server to fail.
|
-
Property mode set to
100755
|
|
File size:
719 bytes
|
| Line | |
|---|
| 1 | #!/bin/bash |
|---|
| 2 | |
|---|
| 3 | set -e |
|---|
| 4 | |
|---|
| 5 | testdir="./tests/22_TLS_reverse_proxy_crl_revoke" |
|---|
| 6 | . ./proxy_backend.bash |
|---|
| 7 | |
|---|
| 8 | # Generate CRL revoking the server certificate. Using it as |
|---|
| 9 | # GnuTLSProxyCRLFile should cause the connection to the back end |
|---|
| 10 | # server to fail. |
|---|
| 11 | certtool --generate-crl \ |
|---|
| 12 | --load-ca-privkey authority/secret.key \ |
|---|
| 13 | --load-ca-certificate authority/x509.pem \ |
|---|
| 14 | --load-certificate server/x509.pem \ |
|---|
| 15 | --template "${testdir}/crl.template" \ |
|---|
| 16 | >"${testdir}/crl.pem" |
|---|
| 17 | |
|---|
| 18 | function stop_backend |
|---|
| 19 | { |
|---|
| 20 | backend_apache "${dir}" "backend.conf" stop |
|---|
| 21 | } |
|---|
| 22 | backend_apache "${testdir}" "backend.conf" start "${BACKEND_LOCK}" |
|---|
| 23 | trap stop_backend EXIT |
|---|
| 24 | |
|---|
| 25 | make -f TestMakefile t-22 |
|---|
| 26 | |
|---|
| 27 | backend_apache "${testdir}" "backend.conf" stop |
|---|
| 28 | trap - EXIT |
|---|
Note: See
TracBrowser
for help on using the repository browser.
