thodg/libgit2/tests/online/badssl.c
-
Show log
Commit
-
Hash : c1ec732f
Author :
Date : 2016-03-14T12:02:00
Setup better defaults for OpenSSL ciphers This ensures that when using OpenSSL a safe default set of ciphers is selected. This is done so that the client communicates securely and we don't accidentally enable unsafe ciphers like RC4, or even worse some old export ciphers. Implements the first part of https://github.com/libgit2/libgit2/issues/3682
-
tests/online/badssl.c
-
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
#include "clar_libgit2.h" #include "git2/clone.h" static git_repository *g_repo; #if defined(GIT_OPENSSL) || defined(GIT_WINHTTP) || defined(GIT_SECURE_TRANSPORT) static bool g_has_ssl = true; #else static bool g_has_ssl = false; #endif void test_online_badssl__expired(void) { if (!g_has_ssl) cl_skip(); cl_git_fail_with(GIT_ECERTIFICATE, git_clone(&g_repo, "https://expired.badssl.com/fake.git", "./fake", NULL)); } void test_online_badssl__wrong_host(void) { if (!g_has_ssl) cl_skip(); cl_git_fail_with(GIT_ECERTIFICATE, git_clone(&g_repo, "https://wrong.host.badssl.com/fake.git", "./fake", NULL)); } void test_online_badssl__self_signed(void) { if (!g_has_ssl) cl_skip(); cl_git_fail_with(GIT_ECERTIFICATE, git_clone(&g_repo, "https://self-signed.badssl.com/fake.git", "./fake", NULL)); } void test_online_badssl__old_cipher(void) { if (!g_has_ssl) cl_skip(); cl_git_fail(git_clone(&g_repo, "https://rc4.badssl.com/fake.git", "./fake", NULL)); }