From d56637113092ebc6721601812510ef5e3e5126e4 Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Mon, 18 Jan 2016 03:10:10 -0500 Subject: [PATCH] tests: Add a test for pinnedpubkey fail even when insecure Because disabling the peer verification (--insecure) must not disable the public key pinning check (--pinnedpubkey). --- tests/data/Makefile.inc | 3 ++- tests/data/test2048 | 40 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 tests/data/test2048 diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index 4e01bdfcb..369406213 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -168,4 +168,5 @@ test2008 test2009 test2010 test2011 test2012 test2013 test2014 test2015 \ test2016 test2017 test2018 test2019 test2020 test2021 test2022 test2023 \ test2024 test2025 test2026 test2027 test2028 test2029 test2030 test2031 \ test2032 test2033 test2034 test2035 test2036 test2037 test2038 test2039 \ -test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 +test2040 test2041 test2042 test2043 test2044 test2045 test2046 test2047 \ +test2048 diff --git a/tests/data/test2048 b/tests/data/test2048 new file mode 100644 index 000000000..eb2b1df75 --- /dev/null +++ b/tests/data/test2048 @@ -0,0 +1,40 @@ + + + +HTTPS +HTTP GET +PEM certificate + + + +# +# Server-side + + + +# +# Client-side + + +SSL +SSLpinning + + +https Server-localhost-sv.pem + + +pinnedpubkey no-match must fail even when insecure + + +--insecure --cacert %SRCDIR/certs/EdelCurlRoot-ca.crt --pinnedpubkey %SRCDIR/certs/Server-localhost.nn-sv.pub.der https://localhost:%HTTPSPORT/2034 + + + +# +# Verify data after the test has been "shot" + + +90 + + + -- 2.40.0