Commit 273ea069 authored by Karel Koci's avatar Karel Koci 🤘

Test with crl file in uri test

parent 1770357d
......@@ -28,6 +28,7 @@ tags
tests/check-compiled
tests/luacheck-compiled
tests/arguments
tests/api.turris.cz.crl.pem
testdir
# Gitlab pages
pages
......@@ -153,6 +153,12 @@ test-locks: $(O)/bin/locks
valgrind-locks: $(O)/bin/locks
$(VALGRIND) $(O)/bin/locks
# In uri test we are connecting to api.turris.cz and this downloads us crl
test-lua-uri: $(S)/tests/api.turris.cz.crl.pem
# Always download to ensure that it won't timeout
$(S)/tests/api.turris.cz.crl.pem: FORCE
curl -k https://api.turris.cz/crl -o $@
test: test-locks
valgrind: valgrind-locks
check: test valgrind luac-autoload luacheck cppcheck
......
......@@ -177,6 +177,7 @@ end
function test_https_cert()
local context = sandbox.new("Local")
local ca_file = "file://" .. dir .. "tests/data/updater.pem"
local crl_file = "file://" .. dir .. "tests/api.turris.cz.crl.pem"
-- It should succeed with the correct CA
local u1 = uri(context, "https://api.turris.cz/", {verification = "cert", ca = ca_file, ocsp = false})
-- But should fail with a wrong one
......@@ -187,6 +188,8 @@ function test_https_cert()
local u4 = uri(context, "https://api.turris.cz/", {verification = "cert", ocsp = false})
-- nil ca should result in success on repo as it's signed by common authority
local u5 = uri(context, "https://repo.turris.cz/", {verification = "cert"})
-- We can specify crl
local u6 = uri(context, "https://api.turris.cz/", {verification = "cert", ca = ca_file, crl = crl_file, ocsp = false})
local ok1 = u1:get()
assert(ok1)
local ok2 = u2:get()
......@@ -197,6 +200,8 @@ function test_https_cert()
assert_false(ok4)
local ok5 = u5:get()
assert(ok5)
local ok6 = u6:get()
assert(ok6)
-- Check we can put the verification stuff into the context
context.ca = ca_file
context.verification = "cert"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment