net: add tests against badssl.comcmn/badssl

These provide bad X.509 certificates, which we should refuse to connect to by default.
author: Carlos Martín Nieto <cmn@dwim.me> 2015-09-27 22:48:39 +0200
committer: Carlos Martín Nieto <cmn@dwim.me> 2015-09-27 22:56:25 +0200
commit: 53a2870514fb06b7aebfd1c55c19a61704906596 (patch)
tree: 90fd5c76be762b5374753bfce2b9e136ef06e418
parent: a8d0b4de92b83745308b2d9af0f62828bfb550a1 (diff)
download: libgit2-cmn/badssl.tar.gz
1 files changed, 27 insertions, 0 deletions
diff --git a/tests/online/badssl.c b/tests/online/badssl.c
new file mode 100644
index 000000000..850468320
--- /dev/null
+++ b/tests/online/badssl.c
@@ -0,0 +1,27 @@
+#include "clar_libgit2.h"
+
+#include "git2/clone.h"
+
+static git_repository *g_repo;
+
+#if defined(GIT_OPENSSL) || defined(GIT_WINHTTP) || defined(GIT_SECURE_TRANSPORT)
+
+void test_online_badssl__expired(void)
+{
+	cl_git_fail_with(GIT_ECERTIFICATE,
+			 git_clone(&g_repo, "https://expired.badssl.com/fake.git", "./fake", NULL));
+}
+
+void test_online_badssl__wrong_host(void)
+{
+	cl_git_fail_with(GIT_ECERTIFICATE,
+			 git_clone(&g_repo, "https://wrong.host.badssl.com/fake.git", "./fake", NULL));
+}
+
+void test_online_badssl__self_signed(void)
+{
+	cl_git_fail_with(GIT_ECERTIFICATE,
+			 git_clone(&g_repo, "https://self-signed.badssl.com/fake.git", "./fake", NULL));
+}
+
+#endif
author	Carlos Martín Nieto <cmn@dwim.me>	2015-09-27 22:48:39 +0200
committer	Carlos Martín Nieto <cmn@dwim.me>	2015-09-27 22:56:25 +0200
commit	53a2870514fb06b7aebfd1c55c19a61704906596 (patch)
tree	90fd5c76be762b5374753bfce2b9e136ef06e418
parent	a8d0b4de92b83745308b2d9af0f62828bfb550a1 (diff)
download	libgit2-cmn/badssl.tar.gz