net: add tests against badssl.com

These provide bad X.509 certificates, which we should refuse to connect to by default.

net: add tests against badssl.com
These provide bad X.509 certificates, which we should refuse to connect to by default.
53a28705 · Carlos Martín Nieto · a8d0b4de · 53a28705
Commit 53a28705 authored Sep 27, 2015 by Carlos Martín Nieto
Hide whitespace changes
Inline Side-by-side

Showing with 27 additions and 0 deletions

tests/online/badssl.c
+27 -0

No files found.
--- a/tests/online/badssl.c
+++ b/tests/online/badssl.c
+#include "clar_libgit2.h"
+
+#include "git2/clone.h"
+
+static git_repository *g_repo;
+
+#if defined(GIT_OPENSSL) || defined(GIT_WINHTTP) || defined(GIT_SECURE_TRANSPORT)
+
+void test_online_badssl__expired(void)
+{
+	cl_git_fail_with(GIT_ECERTIFICATE,
+			 git_clone(&g_repo, "https://expired.badssl.com/fake.git", "./fake", NULL));
+}
+
+void test_online_badssl__wrong_host(void)
+{
+	cl_git_fail_with(GIT_ECERTIFICATE,
+			 git_clone(&g_repo, "https://wrong.host.badssl.com/fake.git", "./fake", NULL));
+}
+
+void test_online_badssl__self_signed(void)
+{
+	cl_git_fail_with(GIT_ECERTIFICATE,
+			 git_clone(&g_repo, "https://self-signed.badssl.com/fake.git", "./fake", NULL));
+}
+
+#endif