temporarily disable badssl tests (#21710)

* temporarily disable badssl tests

refs #21709

* fix

tests/untestable/thttpclient_ssl_remotenetwork.nim

@@ -32,65 +32,71 @@ when enableRemoteNetworking and (defined(nimTestsEnableFlaky) or not defined(win
       good, bad, dubious, good_broken, bad_broken, dubious_broken
     CertTest = tuple[url:string, category:Category, desc: string]
 
-  const certificate_tests: array[0..54, CertTest] = [
-    ("https://wrong.host.badssl.com/", bad, "wrong.host"),
-    ("https://captive-portal.badssl.com/", bad, "captive-portal"),
-    ("https://expired.badssl.com/", bad, "expired"),
-    ("https://google.com/", good, "good"),
-    ("https://self-signed.badssl.com/", bad, "self-signed"),
-    ("https://untrusted-root.badssl.com/", bad, "untrusted-root"),
-    ("https://revoked.badssl.com/", bad_broken, "revoked"),
-    ("https://pinning-test.badssl.com/", bad_broken, "pinning-test"),
-    ("https://no-common-name.badssl.com/", bad, "no-common-name"),
-    ("https://no-subject.badssl.com/", bad, "no-subject"),
-    ("https://sha1-intermediate.badssl.com/", bad, "sha1-intermediate"),
-    ("https://sha256.badssl.com/", good, "sha256"),
-    ("https://sha384.badssl.com/", bad, "sha384"),
-    ("https://sha512.badssl.com/", bad, "sha512"),
-    ("https://1000-sans.badssl.com/", bad, "1000-sans"),
-    ("https://10000-sans.badssl.com/", good_broken, "10000-sans"),
-    ("https://ecc256.badssl.com/", good_broken, "ecc256"),
-    ("https://ecc384.badssl.com/", good_broken, "ecc384"),
-    ("https://rsa2048.badssl.com/", good, "rsa2048"),
-    ("https://rsa8192.badssl.com/", dubious_broken, "rsa8192"),
-    ("http://http.badssl.com/", good, "regular http"),
-    ("https://http.badssl.com/", bad_broken, "http on https URL"),  # FIXME
-    ("https://cbc.badssl.com/", dubious, "cbc"),
-    ("https://rc4-md5.badssl.com/", bad, "rc4-md5"),
-    ("https://rc4.badssl.com/", bad, "rc4"),
-    ("https://3des.badssl.com/", bad, "3des"),
-    ("https://null.badssl.com/", bad, "null"),
-    ("https://mozilla-old.badssl.com/", bad_broken, "mozilla-old"),
-    ("https://mozilla-intermediate.badssl.com/", dubious_broken, "mozilla-intermediate"),
-    ("https://mozilla-modern.badssl.com/", good, "mozilla-modern"),
-    ("https://dh480.badssl.com/", bad, "dh480"),
-    ("https://dh512.badssl.com/", bad, "dh512"),
-    ("https://dh1024.badssl.com/", dubious_broken, "dh1024"),
-    ("https://dh2048.badssl.com/", good, "dh2048"),
-    ("https://dh-small-subgroup.badssl.com/", bad_broken, "dh-small-subgroup"),
-    ("https://dh-composite.badssl.com/", bad_broken, "dh-composite"),
-    ("https://static-rsa.badssl.com/", dubious, "static-rsa"),
-    ("https://tls-v1-0.badssl.com:1010/", dubious, "tls-v1-0"),
-    ("https://tls-v1-1.badssl.com:1011/", dubious, "tls-v1-1"),
-    ("https://invalid-expected-sct.badssl.com/", bad, "invalid-expected-sct"),
-    ("https://hsts.badssl.com/", good, "hsts"),
-    ("https://upgrade.badssl.com/", good, "upgrade"),
-    ("https://preloaded-hsts.badssl.com/", good, "preloaded-hsts"),
-    ("https://subdomain.preloaded-hsts.badssl.com/", bad, "subdomain.preloaded-hsts"),
-    ("https://https-everywhere.badssl.com/", good, "https-everywhere"),
-    ("https://long-extended-subdomain-name-containing-many-letters-and-dashes.badssl.com/", good,
-      "long-extended-subdomain-name-containing-many-letters-and-dashes"),
-    ("https://longextendedsubdomainnamewithoutdashesinordertotestwordwrapping.badssl.com/", good,
-      "longextendedsubdomainnamewithoutdashesinordertotestwordwrapping"),
-    ("https://superfish.badssl.com/", bad, "(Lenovo) Superfish"),
-    ("https://edellroot.badssl.com/", bad, "(Dell) eDellRoot"),
-    ("https://dsdtestprovider.badssl.com/", bad, "(Dell) DSD Test Provider"),
-    ("https://preact-cli.badssl.com/", bad, "preact-cli"),
-    ("https://webpack-dev-server.badssl.com/", bad, "webpack-dev-server"),
-    ("https://mitm-software.badssl.com/", bad, "mitm-software"),
-    ("https://sha1-2016.badssl.com/", dubious, "sha1-2016"),
-    ("https://sha1-2017.badssl.com/", bad, "sha1-2017"),
-  ]
+  # XXX re-enable when badssl fixes certs, some expired as of 2023-04-23 (#21709)
+  when false:
+    const certificate_tests: array[0..54, CertTest] = [
+      ("https://wrong.host.badssl.com/", bad, "wrong.host"),
+      ("https://captive-portal.badssl.com/", bad, "captive-portal"),
+      ("https://expired.badssl.com/", bad, "expired"),
+      ("https://google.com/", good, "good"),
+      ("https://self-signed.badssl.com/", bad, "self-signed"),
+      ("https://untrusted-root.badssl.com/", bad, "untrusted-root"),
+      ("https://revoked.badssl.com/", bad_broken, "revoked"),
+      ("https://pinning-test.badssl.com/", bad_broken, "pinning-test"),
+      ("https://no-common-name.badssl.com/", bad, "no-common-name"),
+      ("https://no-subject.badssl.com/", bad, "no-subject"),
+      ("https://sha1-intermediate.badssl.com/", bad, "sha1-intermediate"),
+      ("https://sha256.badssl.com/", good, "sha256"),
+      ("https://sha384.badssl.com/", bad, "sha384"),
+      ("https://sha512.badssl.com/", bad, "sha512"),
+      ("https://1000-sans.badssl.com/", bad, "1000-sans"),
+      ("https://10000-sans.badssl.com/", good_broken, "10000-sans"),
+      ("https://ecc256.badssl.com/", good_broken, "ecc256"),
+      ("https://ecc384.badssl.com/", good_broken, "ecc384"),
+      ("https://rsa2048.badssl.com/", good, "rsa2048"),
+      ("https://rsa8192.badssl.com/", dubious_broken, "rsa8192"),
+      ("http://http.badssl.com/", good, "regular http"),
+      ("https://http.badssl.com/", bad_broken, "http on https URL"),  # FIXME
+      ("https://cbc.badssl.com/", dubious, "cbc"),
+      ("https://rc4-md5.badssl.com/", bad, "rc4-md5"),
+      ("https://rc4.badssl.com/", bad, "rc4"),
+      ("https://3des.badssl.com/", bad, "3des"),
+      ("https://null.badssl.com/", bad, "null"),
+      ("https://mozilla-old.badssl.com/", bad_broken, "mozilla-old"),
+      ("https://mozilla-intermediate.badssl.com/", dubious_broken, "mozilla-intermediate"),
+      ("https://mozilla-modern.badssl.com/", good, "mozilla-modern"),
+      ("https://dh480.badssl.com/", bad, "dh480"),
+      ("https://dh512.badssl.com/", bad, "dh512"),
+      ("https://dh1024.badssl.com/", dubious_broken, "dh1024"),
+      ("https://dh2048.badssl.com/", good, "dh2048"),
+      ("https://dh-small-subgroup.badssl.com/", bad_broken, "dh-small-subgroup"),
+      ("https://dh-composite.badssl.com/", bad_broken, "dh-composite"),
+      ("https://static-rsa.badssl.com/", dubious, "static-rsa"),
+      ("https://tls-v1-0.badssl.com:1010/", dubious, "tls-v1-0"),
+      ("https://tls-v1-1.badssl.com:1011/", dubious, "tls-v1-1"),
+      ("https://invalid-expected-sct.badssl.com/", bad, "invalid-expected-sct"),
+      ("https://hsts.badssl.com/", good, "hsts"),
+      ("https://upgrade.badssl.com/", good, "upgrade"),
+      ("https://preloaded-hsts.badssl.com/", good, "preloaded-hsts"),
+      ("https://subdomain.preloaded-hsts.badssl.com/", bad, "subdomain.preloaded-hsts"),
+      ("https://https-everywhere.badssl.com/", good, "https-everywhere"),
+      ("https://long-extended-subdomain-name-containing-many-letters-and-dashes.badssl.com/", good,
+        "long-extended-subdomain-name-containing-many-letters-and-dashes"),
+      ("https://longextendedsubdomainnamewithoutdashesinordertotestwordwrapping.badssl.com/", good,
+        "longextendedsubdomainnamewithoutdashesinordertotestwordwrapping"),
+      ("https://superfish.badssl.com/", bad, "(Lenovo) Superfish"),
+      ("https://edellroot.badssl.com/", bad, "(Dell) eDellRoot"),
+      ("https://dsdtestprovider.badssl.com/", bad, "(Dell) DSD Test Provider"),
+      ("https://preact-cli.badssl.com/", bad, "preact-cli"),
+      ("https://webpack-dev-server.badssl.com/", bad, "webpack-dev-server"),
+      ("https://mitm-software.badssl.com/", bad, "mitm-software"),
+      ("https://sha1-2016.badssl.com/", dubious, "sha1-2016"),
+      ("https://sha1-2017.badssl.com/", bad, "sha1-2017"),
+    ]
+  else:
+    const certificate_tests: array[0..0, CertTest] = [
+      ("https://google.com/", good, "good")
+    ]
 
 
   template evaluate(exception_msg: string, category: Category, desc: string) =
@@ -190,12 +196,18 @@ when enableRemoteNetworking and (defined(nimTestsEnableFlaky) or not defined(win
 
 
   type NetSocketTest = tuple[hostname: string, port: Port, category:Category, desc: string]
-  const net_tests:array[0..3, NetSocketTest] = [
-    ("imap.gmail.com", 993.Port, good, "IMAP"),
-    ("wrong.host.badssl.com", 443.Port, bad, "wrong.host"),
-    ("captive-portal.badssl.com", 443.Port, bad, "captive-portal"),
-    ("expired.badssl.com", 443.Port, bad, "expired"),
-  ]
+  # XXX re-enable when badssl fixes certs, some expired as of 2023-04-23 (#21709)
+  when false:
+    const net_tests:array[0..3, NetSocketTest] = [
+      ("imap.gmail.com", 993.Port, good, "IMAP"),
+      ("wrong.host.badssl.com", 443.Port, bad, "wrong.host"),
+      ("captive-portal.badssl.com", 443.Port, bad, "captive-portal"),
+      ("expired.badssl.com", 443.Port, bad, "expired"),
+    ]
+  else:
+    const net_tests: array[0..0, NetSocketTest] = [
+      ("imap.gmail.com", 993.Port, good, "IMAP")
+    ]
   # TODO: ("null.badssl.com", 443.Port, bad_broken, "null"),