Skip to content

Commit

Permalink
Merge pull request #166 from ruby-ldap/starttls-test-verify-none
Browse files Browse the repository at this point in the history 
Specify certfile to verify SSL certs against in tests
  • Loading branch information
@mtodd
mtodd committed Dec 10, 2014
2 parents 7a60375 + 23ee34f commit 14abcaf
Show file tree
Hide file tree
Showing 3 changed files with 41 additions and 2 deletions.
20 changes: 20 additions & 0 deletions test/fixtures/cacert.pem
View file
@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDRzCCAf+gAwIBAgIEVHpbmjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDEwhy
dWJ5bGRhcDAeFw0xNDExMjkyMzQ5NDZaFw0xNTExMjkyMzQ5NDZaMBMxETAPBgNV
BAMTCHJ1YnlsZGFwMIIBUjANBgkqhkiG9w0BAQEFAAOCAT8AMIIBOgKCATEA4pKe
cDCNuL53fkpO/WSAS+gmMTsOs+oOK71kZlk2QT/MBz8TxC6m358qCADjnXcMVVxa
ySQbQlVKZMkIvLNciZbiLDgC5II0NbHACNa8rqenoKRjS4J9W3OhA8EmnXn/Me+8
uMCI9tfnKNRZYdkQZlra4I+Idn+xYfl/5q5b/7ZjPS2zY/585hFEYE+5vfOZVBSU
3HMNSeuJvTehLv7dD7aQfXNM4cRgHXequkJQ/HLLFAO4AgJ+LJrFWpj7GWz3crgr
9G5px4T78wJH3NQiOsG6UBXPw8c4T+Z6GAWX2l1zs1gZsaiCVbAraqK3404lL7yp
+ThbsW3ifzgNPhmjScXBLdbEDrrAKosW7kkTOGzxiMCBmNlj2SKhcztoduAtfF1f
Fs2Jk8MRTHwO8ThD7wIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB
/wQFAwMHBAAwHQYDVR0OBBYEFJDm67ekyFu4/Z7VcO6Vk/5pinGcMA0GCSqGSIb3
DQEBCwUAA4IBMQDHeEPzfYRtjynpUKyrtxx/6ZVOfCLuz4eHkBZggz/pJacDCv/a
I//W03XCk8RWq/fWVVUzvxXgPwnYcw992PLM7XW81zp6ruRUDWooYnjHZZz3bRhe
kC4QvM2mZhcsMVmhmWWKZn81qXgVdUY1XNRhk87cuXjF/UTpEieFvWAsCUkFZkqB
AmySCuI/FuPaauT1YAltkIlYAEIGNJGZDMf2BTVUQpXhTXeS9/AZWLNDBwiq+fwo
YYnsr9MnBXCEmg1gVSR/Ay2AZmbYfiYtb5kU8uq2lSWAUb4LX6HZl82wo3OilrJ2
WXl6Qf+Fcy4qqkRt4AKHjtzizpEDCOVYuuG0Zoy+QnxNXRsEzpb8ymnJFrcgYfk/
6Lv2gWAFl5FqCZp7gBWg55eL2coT4C+mbNTF
-----END CERTIFICATE-----
11 changes: 9 additions & 2 deletions test/integration/test_bind.rb
View file
Expand Up @@ -20,8 +20,15 @@ def test_bind_fail
refute @ldap.bind(method: :simple, username: "uid=user1,ou=People,dc=rubyldap,dc=com", password: "not my password"), @ldap.get_operation_result.inspect
end

def test_bind_tls
@ldap.encryption(method: :start_tls, tls_options: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS)
def test_bind_tls_with_cafile
tls_options = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.merge(:ca_file => CA_FILE)
@ldap.encryption(method: :start_tls, tls_options: tls_options)
assert @ldap.bind(method: :simple, username: "uid=user1,ou=People,dc=rubyldap,dc=com", password: "passworD1"), @ldap.get_operation_result.inspect
end

def test_bind_tls_with_verify_none
tls_options = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.merge(:verify_mode => OpenSSL::SSL::VERIFY_NONE)
@ldap.encryption(method: :start_tls, tls_options: tls_options)
assert @ldap.bind(method: :simple, username: "uid=user1,ou=People,dc=rubyldap,dc=com", password: "passworD1"), @ldap.get_operation_result.inspect
end
end
12 changes: 12 additions & 0 deletions test/test_helper.rb
View file
Expand Up @@ -6,6 +6,18 @@
# Whether integration tests should be run.
INTEGRATION = ENV.fetch("INTEGRATION", "skip") != "skip"

# The CA file to verify certs against for tests.
# Override with CA_FILE env variable; otherwise checks for the VM-specific path
# and falls back to the test/fixtures/cacert.pem for local testing.
CA_FILE =
ENV.fetch("CA_FILE") do
if File.exist?("/etc/ssl/certs/cacert.pem")
"/etc/ssl/certs/cacert.pem"
else
File.expand_path("fixtures/cacert.pem", File.dirname(__FILE__))
end
end

if RUBY_VERSION < "2.0"
class String
def b
Expand Down

0 comments on commit 14abcaf

Please sign in to comment.