tests: refine and clean up

ArchangelSDY · ArchangelSDY · commit 9562c1a443f9 · 2020-04-21T22:27:10.000+08:00
diff --git a/t/140-ssl-c-api.t b/t/140-ssl-c-api.t
@@ -728,8 +728,6 @@ lua ssl server name: "test.com"
         }
     }
 --- stream_server_config
-    lua_ssl_trusted_certificate ../../cert/test2.crt;
-
     proxy_pass                  unix:$TEST_NGINX_HTML_DIR/nginx.sock;
     proxy_ssl                   on;
     proxy_ssl_certificate       ../../cert/test.crt;
@@ -783,8 +781,6 @@ client certificate subject: emailAddress=agentzh@gmail.com,CN=test.com
         }
     }
 --- stream_server_config
-    lua_ssl_trusted_certificate ../../cert/test2.crt;
-
     proxy_pass                  unix:$TEST_NGINX_HTML_DIR/nginx.sock;
     proxy_ssl                   on;
     proxy_ssl_certificate       ../../cert/test.crt;
@@ -824,7 +820,18 @@ client certificate subject: emailAddress=agentzh@gmail.com,CN=test.com
                 return
             end
 
-            local rc = ffi.C.ngx_stream_lua_ffi_ssl_verify_client(r, nil, -1, errmsg)
+            local f = assert(io.open("t/cert/test.crt", "rb"))
+            local cert_data = f:read("*all")
+            f:close()
+
+            local cert = ffi.C.ngx_stream_lua_ffi_parse_pem_cert(cert_data, #cert_data, errmsg)
+            if not cert then
+                ngx.log(ngx.ERR, "failed to parse PEM cert: ",
+                        ffi.string(errmsg[0]))
+                return
+            end
+
+            local rc = ffi.C.ngx_stream_lua_ffi_ssl_verify_client(r, cert, 1, errmsg)
             if rc ~= 0 then
                 ngx.log(ngx.ERR, "failed to set cdata cert: ",
                         ffi.string(errmsg[0]))
@@ -838,8 +845,6 @@ client certificate subject: emailAddress=agentzh@gmail.com,CN=test.com
         }
     }
 --- stream_server_config
-    lua_ssl_trusted_certificate ../../cert/test2.crt;
-
     proxy_pass                  unix:$TEST_NGINX_HTML_DIR/nginx.sock;
     proxy_ssl                   on;
 
