mirror of
https://github.com/nim-lang/Nim.git
synced 2026-01-01 10:52:14 +00:00
5b85444244
* Implement SSL/TLS certificate checking #782 * SSL: Add nimDisableCertificateValidation Remove NIM_SSL_CERT_VALIDATION env var tests/untestable/thttpclient_ssl.nim ran successfully on Linux with libssl 1.1.1d * SSL: update integ test to skip flapping tests * Revert .travis.yml change * nimDisableCertificateValidation disable imports Prevent loading symbols that are not defined on older SSL libs * SSL: disable verification in net.nim ..when nimDisableCertificateValidation is set * Update changelog * Fix peername type * Add define check for windows * Disable test on windows * Add exprimental GitHub action CI for SSL * Test nimDisableCertificateValidation
41 lines
1.2 KiB
Nim
41 lines
1.2 KiB
Nim
#
|
|
# Nim - SSL integration tests
|
|
# (c) Copyright 2017 Nim contributors
|
|
#
|
|
# See the file "copying.txt", included in this
|
|
# distribution, for details about the copyright.
|
|
#
|
|
## Warning: this test performs external networking.
|
|
## Compile and run with:
|
|
## ./bin/nim c -d:nimDisableCertificateValidation -d:ssl -r -p:. tests/untestable/thttpclient_ssl_disabled.nim
|
|
|
|
import httpclient,
|
|
net,
|
|
unittest,
|
|
ospaths
|
|
|
|
from strutils import contains
|
|
|
|
const expired = "https://expired.badssl.com/"
|
|
|
|
doAssert defined(nimDisableCertificateValidation)
|
|
|
|
suite "SSL certificate check - disabled":
|
|
|
|
test "httpclient in insecure mode":
|
|
var ctx = newContext(verifyMode = CVerifyPeer)
|
|
var client = newHttpClient(sslContext = ctx)
|
|
let a = $client.getContent(expired)
|
|
|
|
test "httpclient in insecure mode":
|
|
var ctx = newContext(verifyMode = CVerifyPeerUseEnvVars)
|
|
var client = newHttpClient(sslContext = ctx)
|
|
let a = $client.getContent(expired)
|
|
|
|
test "net socket in insecure mode":
|
|
var sock = newSocket()
|
|
var ctx = newContext(verifyMode = CVerifyPeerUseEnvVars)
|
|
ctx.wrapSocket(sock)
|
|
sock.connect("expired.badssl.com", 443.Port)
|
|
sock.close
|