From: Jay Satiro Date: Mon, 18 Jan 2016 08:10:10 +0000 (-0500) Subject: tests: Add a test for pinnedpubkey fail even when insecure X-Git-Tag: curl-7_47_0~12 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d56637113092ebc6721601812510ef5e3e5126e4;p=curl tests: Add a test for pinnedpubkey fail even when insecure Because disabling the peer verification (--insecure) must not disable the public key pinning check (--pinnedpubkey). --- diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index 4e01bdfcb..369406213 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -168,4 +168,5 @@ test2008 test2009 test2010 test2011 test2012 test2013 test2014 test2015 \ test2016 test2017 test2018 test2019 test2020 test2021 test2022 test2023 \ test2024 test2025 test2026 test2027 test2028 test2029 test2030 test2031 \ test2032 test2033 test2034 test2035 test2036 test2037 test2038 test2039 \ -test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 +test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 \ +test2048 diff --git a/tests/data/test2048 b/tests/data/test2048 new file mode 100644 index 000000000..eb2b1df75 --- /dev/null +++ b/tests/data/test2048 @@ -0,0 +1,40 @@ + + + +HTTPS +HTTP GET +PEM certificate + + + +# +# Server-side + + + +# +# Client-side + + +SSL +SSLpinning + + +https Server-localhost-sv.pem + + +pinnedpubkey no-match must fail even when insecure + + +--insecure --cacert %SRCDIR/certs/EdelCurlRoot-ca.crt --pinnedpubkey %SRCDIR/certs/Server-localhost.nn-sv.pub.der https://localhost:%HTTPSPORT/2034 + + + +# +# Verify data after the test has been "shot" + + +90 + + +