modify test_add_certificate_chain_file to check ssl.peer_cert and ssl.peer_cert_chain

1 files changed, 23 insertions, 2 deletions

diff --git a/test/test_ssl.rb b/test/test_ssl.rb
index 5d4c09b8..07484769 100644
--- a/test/test_ssl.rb
+++ b/test/test_ssl.rb
@@ -186,8 +186,29 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
   end
 
   def test_add_certificate_chain_file
-    ctx = OpenSSL::SSL::SSLContext.new
-    assert ctx.add_certificate_chain_file(Fixtures.file_path("chain", "server.crt"))
+    # Create chain certificates file
+    GC.disable # for tempfile
+    certs = Tempfile.open { |f| f << @svr_cert.to_pem << @ca_cert.to_pem; f }
+    pkey = Tempfile.open { |f| f << @svr_key.to_pem; f }
+
+    ctx_proc = -> ctx {
+      # Unset values set by start_server
+      ctx.cert = ctx.key = ctx.extra_chain_cert = nil
+      assert ctx.add_certificate_chain_file(certs.path, pkey.path)
+    }
+
+    start_server(ctx_proc: ctx_proc) { |port|
+      server_connect(port) { |ssl|
+        assert_equal @svr_cert.subject, ssl.peer_cert.subject
+        assert_equal [@svr_cert.subject, @ca_cert.subject],
+          ssl.peer_cert_chain.map(&:subject)
+
+        ssl.puts "abc"; assert_equal "abc\n", ssl.gets
+      }
+    }
+  ensure
+    certs&.close
+    pkey&.close
   end
 
   def test_sysread_and_syswrite