diff options
| author | Edward Thomson <ethomson@edwardthomson.com> | 2018-10-29 10:45:59 +0000 |
|---|---|---|
| committer | Edward Thomson <ethomson@edwardthomson.com> | 2018-11-28 15:46:57 +0000 |
| commit | 45054732a4232a27953de212cd068619a0f8b723 (patch) | |
| tree | 3443db447da3ad7fd2952d95f92229516acb6266 | |
| parent | 21142c5a61fca0d44cbf51824dbe28f6324229e8 (diff) | |
| download | libgit2-45054732a4232a27953de212cd068619a0f8b723.tar.gz | |
tests: optionally ignore https cert validation
For testing, we may wish to use a man-in-the-middle proxy that can
inspect the CONNECT traffic to our test endpoints. For this, we will
need to accept the proxy's certificate, which will not be valid for the
true endpoint.
Add a new environment variable, GITTEST_REMOTE_SSL_NOVERIFY to disable
https certificate validation for the tests.
| -rw-r--r-- | tests/online/clone.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/tests/online/clone.c b/tests/online/clone.c index bfd50a16a..ce49f180f 100644 --- a/tests/online/clone.c +++ b/tests/online/clone.c @@ -20,6 +20,7 @@ static git_clone_options g_options; static char *_remote_url = NULL; static char *_remote_user = NULL; static char *_remote_pass = NULL; +static char *_remote_sslnoverify = NULL; static char *_remote_ssh_pubkey = NULL; static char *_remote_ssh_privkey = NULL; static char *_remote_ssh_passphrase = NULL; @@ -34,6 +35,18 @@ static int _orig_proxies_need_reset = 0; static char *_orig_http_proxy = NULL; static char *_orig_https_proxy = NULL; +static int ssl_cert(git_cert *cert, int valid, const char *host, void *payload) +{ + GIT_UNUSED(cert); + GIT_UNUSED(host); + GIT_UNUSED(payload); + + if (_remote_sslnoverify != NULL) + valid = 1; + + return valid ? 0 : GIT_ECERTIFICATE; +} + void test_online_clone__initialize(void) { git_checkout_options dummy_opts = GIT_CHECKOUT_OPTIONS_INIT; @@ -46,10 +59,12 @@ void test_online_clone__initialize(void) g_options.checkout_opts = dummy_opts; g_options.checkout_opts.checkout_strategy = GIT_CHECKOUT_SAFE; g_options.fetch_opts = dummy_fetch; + g_options.fetch_opts.callbacks.certificate_check = ssl_cert; _remote_url = cl_getenv("GITTEST_REMOTE_URL"); _remote_user = cl_getenv("GITTEST_REMOTE_USER"); _remote_pass = cl_getenv("GITTEST_REMOTE_PASS"); + _remote_sslnoverify = cl_getenv("GITTEST_REMOTE_SSL_NOVERIFY"); _remote_ssh_pubkey = cl_getenv("GITTEST_REMOTE_SSH_PUBKEY"); _remote_ssh_privkey = cl_getenv("GITTEST_REMOTE_SSH_KEY"); _remote_ssh_passphrase = cl_getenv("GITTEST_REMOTE_SSH_PASSPHRASE"); @@ -74,6 +89,7 @@ void test_online_clone__cleanup(void) git__free(_remote_url); git__free(_remote_user); git__free(_remote_pass); + git__free(_remote_sslnoverify); git__free(_remote_ssh_pubkey); git__free(_remote_ssh_privkey); git__free(_remote_ssh_passphrase); @@ -483,6 +499,7 @@ void test_online_clone__ssh_auth_methods(void) #endif g_options.fetch_opts.callbacks.credentials = check_ssh_auth_methods; g_options.fetch_opts.callbacks.payload = &with_user; + g_options.fetch_opts.callbacks.certificate_check = NULL; with_user = 0; cl_git_fail_with(GIT_EUSER, @@ -535,6 +552,7 @@ void test_online_clone__ssh_with_paths(void) g_options.fetch_opts.callbacks.transport = git_transport_ssh_with_paths; g_options.fetch_opts.callbacks.credentials = cred_cb; g_options.fetch_opts.callbacks.payload = &arr; + g_options.fetch_opts.callbacks.certificate_check = NULL; cl_git_fail(git_clone(&g_repo, _remote_url, "./foo", &g_options)); |