App-CamelPKI
view release on metacpan or search on metacpan
lib/App/CamelPKI/SysV/Apache.pm view on Meta::CPAN
App::CamelPKI::SysV::Apache->load($directory)->stop();
my $apache = load App::CamelPKI::SysV::Apache($directory);
ok(! $apache->is_wedged());
$apache->start();
ok(! $apache->is_wedged());
chomp(my $pid = read_file($apache->_pid_filename()));
like($pid, qr/^\d+$/);
unlink($apache->_pid_filename());
ok($apache->is_wedged());
ok(kill(TERM => $pid), "manual corrective action");
ok($apache->_wait_for(sub { ! $apache->is_wedged }), "unwedged");
};
test "->is_running_under returns false in a normal Perl" => sub {
ok(! App::CamelPKI::SysV::Apache->is_running_under);
};
SKIP: {
use App::CamelPKI;
my $webserver = App::CamelPKI->model("WebServer")->apache;
skip "Key Ceremony has not been done", 1
unless $webserver->is_operational;
test "App::CamelPKI service" => sub {
my $webserver = App::CamelPKI::SysV::Apache->load($directory);
$webserver->start();
my $ca = LWP::Simple::get("https://localhost:12345/ca/certificate_pem");
like($ca, qr/BEGIN CERTIFICATE/)
or warn $webserver->tail_error_logfile;
}
};
mkdir(my $phpdir = catdir(My::Tests::Below->tempdir, "php"));
SKIP: {
use App::CamelPKI;
my $webserver = App::CamelPKI->model("WebServer")->apache;
skip "modphp is not installed", 2
unless ($webserver->is_installed_and_has_php_support);
test "PHP pages in t/php" => sub {
my $webserver = App::CamelPKI::SysV::Apache->load($directory);
is($webserver->test_php_directory, undef);
$webserver->test_php_directory($phpdir);
$webserver->stop(); $webserver->start();
$webserver = App::CamelPKI::SysV::Apache->load($directory);
is($webserver->test_php_directory, $phpdir,
"test_php_directory persistent");
write_file(catfile($phpdir, "phpinfo.php"), <<"PHPINFO");
<?php
phpinfo();
?>
PHPINFO
my $phpinfo = LWP::Simple::get
("https://localhost:12345/t/php/phpinfo.php");
like($phpinfo, qr/www\.php\.net/);
};
use IO::Socket::SSL;
use LWP::UserAgent;
use App::CamelPKI::Test qw(http_request_prepare http_request_execute);
test "SSL client w/ certificate" => sub {
my $webserver = App::CamelPKI::SysV::Apache->load($directory);
unless ($webserver->test_php_directory) {
$webserver->test_php_directory($phpdir);
$webserver->stop();
}
$webserver->start();
write_file(catfile($phpdir, "ssl_vars.php"), <<'PHP_SSL_VARS');
$_SERVER["HTTPS"] = <?php print $_SERVER["HTTPS"] ?>
$_SERVER["SSL_CLIENT_VERIFY"] = <?php print $_SERVER["SSL_CLIENT_VERIFY"] ?>
$_SERVER["SSL_CLIENT_S_DN"] = <?php print $_SERVER["SSL_CLIENT_S_DN"] ?>
PHP_SSL_VARS
my $req = http_request_prepare
('https://localhost:12345/t/php/ssl_vars.php');
my $response = http_request_execute($req);
die $response->content unless $response->is_success;
like($response->content, qr/HTTPS.* = on/);
like($response->content, qr/SSL_CLIENT_VERIFY.* = NONE/);
my %opts = (-certificate => $test_entity_certs{"rsa1024"},
-key => $test_keys_plaintext{"rsa1024"});
$req = http_request_prepare
('https://localhost:12345/t/php/ssl_vars.php', %opts);
$response = http_request_execute($req, %opts);
die $response->content unless $response->is_success;
like($response->content, qr/HTTPS.* = on/);
like($response->content, qr/SSL_CLIENT_VERIFY.* = SUCCESS/);
like($response->content, qr/SSL_CLIENT_S_DN.* = .*CN=John Doe/);
};
};
use App::CamelPKI::Test qw(certificate_chain_ok);
use App::CamelPKI::CertTemplate;
=head2 SHA-256 authentication failure regression suite
Trying to authenticate to an I<App::CamelPKI::SysV::Apache> instance using
SHA256 client certificates used to elicit a cryptic error message.
This is because mod_ssl only knows about the hash algorithms from the
TLsv1 suite out of the box (and SHA256 is not one of these). The
following two tests exercise that.
The current solution is to add a "PerlModule Crypt::OpenSSL::CA" that
calls C<OpenSSL_add_all_digests()> as a side effect, but we need to
find a better way lest every server in Camel-PKI have to contain a
mod_perl just for that.
=cut
sub make_bogus_keypair_using_hash {
my ($hash, $admincertfile, $adminkeyfile) = @_;
write_file($adminkeyfile, $test_keys_plaintext{"rsa1024"});
( run in 1.035 second using v1.01-cache-2.11-cpan-d8267643d1d )