|
Packit |
3f4df8 |
#!perl
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
use strict;
|
|
Packit |
3f4df8 |
use warnings;
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
use Test::More 0.96;
|
|
Packit |
3f4df8 |
use IO::Socket::INET;
|
|
Packit |
3f4df8 |
BEGIN {
|
|
Packit |
3f4df8 |
eval { require IO::Socket::SSL; IO::Socket::SSL->VERSION(1.56); 1 };
|
|
Packit |
3f4df8 |
plan skip_all => 'IO::Socket::SSL 1.56 required for SSL tests' if $@;
|
|
Packit |
3f4df8 |
# $IO::Socket::SSL::DEBUG = 3;
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
eval { require Net::SSLeay; Net::SSLeay->VERSION(1.49); 1};
|
|
Packit |
3f4df8 |
plan skip_all => 'Net::SSLeay 1.49 required for SSL tests' if $@;
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
eval { require Mozilla::CA; 1 };
|
|
Packit |
3f4df8 |
plan skip_all => 'Mozilla::CA required for SSL tests' if $@;
|
|
Packit |
3f4df8 |
}
|
|
Packit |
3f4df8 |
use HTTP::Tiny;
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
plan skip_all => 'Only run for $ENV{AUTOMATED_TESTING}'
|
|
Packit |
3f4df8 |
unless $ENV{AUTOMATED_TESTING};
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
use IPC::Cmd qw/can_run/;
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
if ( can_run('openssl') ) {
|
|
Packit |
3f4df8 |
diag "\nNote: running test with ", qx/openssl version/;
|
|
Packit |
3f4df8 |
}
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
my $data = {
|
|
Packit |
3f4df8 |
'https://www.google.ca/' => {
|
|
Packit |
3f4df8 |
host => 'www.google.ca',
|
|
Packit |
3f4df8 |
pass => { SSL_verifycn_scheme => 'http', SSL_verifycn_name => 'www.google.ca', SSL_verify_mode => 0x01, SSL_ca_file => Mozilla::CA::SSL_ca_file() },
|
|
Packit |
3f4df8 |
fail => { SSL_verify_callback => sub { 0 }, SSL_verify_mode => 0x01 },
|
|
Packit |
3f4df8 |
default_should_yield => '1',
|
|
Packit |
3f4df8 |
},
|
|
Packit |
3f4df8 |
'https://twitter.com/' => {
|
|
Packit |
3f4df8 |
host => 'twitter.com',
|
|
Packit |
3f4df8 |
pass => { SSL_verifycn_scheme => 'http', SSL_verifycn_name => 'twitter.com', SSL_verify_mode => 0x01, SSL_ca_file => Mozilla::CA::SSL_ca_file() },
|
|
Packit |
3f4df8 |
fail => { SSL_verify_callback => sub { 0 }, SSL_verify_mode => 0x01 },
|
|
Packit |
3f4df8 |
default_should_yield => '1',
|
|
Packit |
3f4df8 |
},
|
|
Packit |
3f4df8 |
'https://github.com/' => {
|
|
Packit |
3f4df8 |
host => 'github.com',
|
|
Packit |
3f4df8 |
pass => { SSL_verifycn_scheme => 'http', SSL_verifycn_name => 'github.com', SSL_verify_mode => 0x01, SSL_ca_file => Mozilla::CA::SSL_ca_file() },
|
|
Packit |
3f4df8 |
fail => { SSL_verify_callback => sub { 0 }, SSL_verify_mode => 0x01 },
|
|
Packit |
3f4df8 |
default_should_yield => '1',
|
|
Packit |
3f4df8 |
},
|
|
Packit |
3f4df8 |
'https://spinrite.com/' => {
|
|
Packit |
3f4df8 |
host => 'spinrite.com',
|
|
Packit |
3f4df8 |
pass => { SSL_verifycn_scheme => 'none', SSL_verifycn_name => 'spinrite.com', SSL_verify_mode => 0x00 },
|
|
Packit |
3f4df8 |
fail => { SSL_verifycn_scheme => 'http', SSL_verifycn_name => 'spinrite.com', SSL_verify_mode => 0x01, SSL_ca_file => Mozilla::CA::SSL_ca_file() },
|
|
Packit |
3f4df8 |
default_should_yield => '',
|
|
Packit |
3f4df8 |
}
|
|
Packit |
3f4df8 |
};
|
|
Packit |
3f4df8 |
plan tests => 1+ scalar keys %$data;
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
subtest "can_ssl" => sub {
|
|
Packit |
3f4df8 |
ok( HTTP::Tiny->can_ssl, "class method" );
|
|
Packit |
3f4df8 |
ok( HTTP::Tiny->new->can_ssl, "object method, default params" );
|
|
Packit |
3f4df8 |
ok( HTTP::Tiny->new(verify_SSL => 1)->can_ssl, "object method, verify_SSL" );
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
my $ht = HTTP::Tiny->new(
|
|
Packit |
3f4df8 |
verify_SSL => 1,
|
|
Packit |
3f4df8 |
SSL_options => { SSL_ca_file => 'adlfadkfadlfad' },
|
|
Packit |
3f4df8 |
);
|
|
Packit |
3f4df8 |
my ($ok, $why) = $ht->can_ssl;
|
|
Packit |
3f4df8 |
ok( ! $ok, "object methods, verify_SSL, bogus CA file (FAILS)" );
|
|
Packit |
3f4df8 |
like( $why, qr/not found or not readable/, "failure reason" );
|
|
Packit |
3f4df8 |
};
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
while (my ($url, $data) = each %$data) {
|
|
Packit |
3f4df8 |
subtest $url => sub {
|
|
Packit |
3f4df8 |
plan 'skip_all' => 'Internet connection timed out'
|
|
Packit |
3f4df8 |
unless IO::Socket::INET->new(
|
|
Packit |
3f4df8 |
PeerHost => $data->{host},
|
|
Packit |
3f4df8 |
PeerPort => 443,
|
|
Packit |
3f4df8 |
Proto => 'tcp',
|
|
Packit |
3f4df8 |
Timeout => 10,
|
|
Packit |
3f4df8 |
);
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
# the default verification
|
|
Packit |
3f4df8 |
my $response = HTTP::Tiny->new(verify_ssl => 1)->get($url);
|
|
Packit |
3f4df8 |
is $response->{success}, $data->{default_should_yield}, "Request to $url passed/failed using default as expected"
|
|
Packit |
3f4df8 |
or do {
|
|
Packit |
3f4df8 |
# $response->{content} = substr $response->{content}, 0, 50;
|
|
Packit |
3f4df8 |
$response->{content} =~ s{\n.*}{}s;
|
|
Packit |
3f4df8 |
diag explain [IO::Socket::SSL::errstr(), $response]
|
|
Packit |
3f4df8 |
};
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
# force validation to succeed
|
|
Packit |
3f4df8 |
my $pass = HTTP::Tiny->new( SSL_options => $data->{pass} )->get($url);
|
|
Packit |
3f4df8 |
isnt $pass->{status}, '599', "Request to $url completed (forced pass)"
|
|
Packit |
3f4df8 |
or do {
|
|
Packit |
3f4df8 |
$pass->{content} =~ s{\n.*}{}s;
|
|
Packit |
3f4df8 |
diag explain $pass
|
|
Packit |
3f4df8 |
};
|
|
Packit |
3f4df8 |
ok $pass->{content}, 'Got some content';
|
|
Packit |
3f4df8 |
|
|
Packit |
3f4df8 |
# force validation to fail
|
|
Packit |
3f4df8 |
my $fail = HTTP::Tiny->new( SSL_options => $data->{fail} )->get($url);
|
|
Packit |
3f4df8 |
is $fail->{status}, '599', "Request to $url failed (forced fail)"
|
|
Packit |
3f4df8 |
or do {
|
|
Packit |
3f4df8 |
$fail->{content} =~ s{\n.*}{}s;
|
|
Packit |
3f4df8 |
diag explain [IO::Socket::SSL::errstr(), $fail]
|
|
Packit |
3f4df8 |
};
|
|
Packit |
3f4df8 |
ok $fail->{content}, 'Got some content';
|
|
Packit |
3f4df8 |
};
|
|
Packit |
3f4df8 |
}
|