source-git / libgit2

Clone
Source Code
GIT

Blame tests/online/badssl.c

c8 c8s master
  1.   eb4b17b7d3183e5b5db4df29eb2e9d705c2678e3
  2.   tests
  3.   online
  4.   badssl.c
Blob History Raw
Packit Service 20376f 
#include "clar_libgit2.h"
Packit Service 20376f
Packit Service 20376f 
#include "git2/clone.h"
Packit Service 20376f
Packit Service 20376f 
static git_repository *g_repo;
Packit Service 20376f
Packit Service 20376f 
#ifdef GIT_HTTPS
Packit Service 20376f 
static bool g_has_ssl = true;
Packit Service 20376f 
#else
Packit Service 20376f 
static bool g_has_ssl = false;
Packit Service 20376f 
#endif
Packit Service 20376f
Packit Service 20376f 
static int cert_check_assert_invalid(git_cert *cert, int valid, const char* host, void *payload)
Packit Service 20376f 
{
Packit Service 20376f 
	GIT_UNUSED(cert); GIT_UNUSED(host); GIT_UNUSED(payload);
Packit Service 20376f
Packit Service 20376f 
	cl_assert_equal_i(0, valid);
Packit Service 20376f
Packit Service 20376f 
	return GIT_ECERTIFICATE;
Packit Service 20376f 
}
Packit Service 20376f
Packit Service 20376f 
void test_online_badssl__expired(void)
Packit Service 20376f 
{
Packit Service 20376f 
	git_clone_options opts = GIT_CLONE_OPTIONS_INIT;
Packit Service 20376f 
	opts.fetch_opts.callbacks.certificate_check = cert_check_assert_invalid;
Packit Service 20376f
Packit Service 20376f 
	if (!g_has_ssl)
Packit Service 20376f 
		cl_skip();
Packit Service 20376f
Packit Service 20376f 
	cl_git_fail_with(GIT_ECERTIFICATE,
Packit Service 20376f 
			 git_clone(&g_repo, "https://expired.badssl.com/fake.git", "./fake", NULL));
Packit Service 20376f
Packit Service 20376f 
	cl_git_fail_with(GIT_ECERTIFICATE,
Packit Service 20376f 
			 git_clone(&g_repo, "https://expired.badssl.com/fake.git", "./fake", &opts));
Packit Service 20376f 
}
Packit Service 20376f
Packit Service 20376f 
void test_online_badssl__wrong_host(void)
Packit Service 20376f 
{
Packit Service 20376f 
	git_clone_options opts = GIT_CLONE_OPTIONS_INIT;
Packit Service 20376f 
	opts.fetch_opts.callbacks.certificate_check = cert_check_assert_invalid;
Packit Service 20376f
Packit Service 20376f 
	if (!g_has_ssl)
Packit Service 20376f 
		cl_skip();
Packit Service 20376f
Packit Service 20376f 
	cl_git_fail_with(GIT_ECERTIFICATE,
Packit Service 20376f 
			 git_clone(&g_repo, "https://wrong.host.badssl.com/fake.git", "./fake", NULL));
Packit Service 20376f 
	cl_git_fail_with(GIT_ECERTIFICATE,
Packit Service 20376f 
			 git_clone(&g_repo, "https://wrong.host.badssl.com/fake.git", "./fake", &opts));
Packit Service 20376f 
}
Packit Service 20376f
Packit Service 20376f 
void test_online_badssl__self_signed(void)
Packit Service 20376f 
{
Packit Service 20376f 
	git_clone_options opts = GIT_CLONE_OPTIONS_INIT;
Packit Service 20376f 
	opts.fetch_opts.callbacks.certificate_check = cert_check_assert_invalid;
Packit Service 20376f
Packit Service 20376f 
	if (!g_has_ssl)
Packit Service 20376f 
		cl_skip();
Packit Service 20376f
Packit Service 20376f 
	cl_git_fail_with(GIT_ECERTIFICATE,
Packit Service 20376f 
			 git_clone(&g_repo, "https://self-signed.badssl.com/fake.git", "./fake", NULL));
Packit Service 20376f 
	cl_git_fail_with(GIT_ECERTIFICATE,
Packit Service 20376f 
			 git_clone(&g_repo, "https://self-signed.badssl.com/fake.git", "./fake", &opts));
Packit Service 20376f 
}
Packit Service 20376f
Packit Service 20376f 
void test_online_badssl__old_cipher(void)
Packit Service 20376f 
{
Packit Service 20376f 
	git_clone_options opts = GIT_CLONE_OPTIONS_INIT;
Packit Service 20376f 
	opts.fetch_opts.callbacks.certificate_check = cert_check_assert_invalid;
Packit Service 20376f
Packit Service 20376f 
	/* FIXME: we don't actually reject RC4 anywhere, figure out what to tweak */
Packit Service 20376f 
	cl_skip();
Packit Service 20376f
Packit Service 20376f 
	if (!g_has_ssl)
Packit Service 20376f 
		cl_skip();
Packit Service 20376f
Packit Service 20376f 
	cl_git_fail_with(GIT_ECERTIFICATE,
Packit Service 20376f 
			 git_clone(&g_repo, "https://rc4.badssl.com/fake.git", "./fake", NULL));
Packit Service 20376f 
	cl_git_fail_with(GIT_ECERTIFICATE,
Packit Service 20376f 
			 git_clone(&g_repo, "https://rc4.badssl.com/fake.git", "./fake", &opts));
Packit Service 20376f 
}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation