Commit 53a2870514fb06b7aebfd1c55c19a61704906596

Carlos Martín Nieto 2015-09-27T22:48:39

net: add tests against badssl.com These provide bad X.509 certificates, which we should refuse to connect to by default.

diff --git a/tests/online/badssl.c b/tests/online/badssl.c
new file mode 100644
index 0000000..8504683
--- /dev/null
+++ b/tests/online/badssl.c
@@ -0,0 +1,27 @@
+#include "clar_libgit2.h"
+
+#include "git2/clone.h"
+
+static git_repository *g_repo;
+
+#if defined(GIT_OPENSSL) || defined(GIT_WINHTTP) || defined(GIT_SECURE_TRANSPORT)
+
+void test_online_badssl__expired(void)
+{
+	cl_git_fail_with(GIT_ECERTIFICATE,
+			 git_clone(&g_repo, "https://expired.badssl.com/fake.git", "./fake", NULL));
+}
+
+void test_online_badssl__wrong_host(void)
+{
+	cl_git_fail_with(GIT_ECERTIFICATE,
+			 git_clone(&g_repo, "https://wrong.host.badssl.com/fake.git", "./fake", NULL));
+}
+
+void test_online_badssl__self_signed(void)
+{
+	cl_git_fail_with(GIT_ECERTIFICATE,
+			 git_clone(&g_repo, "https://self-signed.badssl.com/fake.git", "./fake", NULL));
+}
+
+#endif