Skip to content

Commit 4505473

Browse files
ethomsonethomson
committed
tests: optionally ignore https cert validation
For testing, we may wish to use a man-in-the-middle proxy that can inspect the CONNECT traffic to our test endpoints. For this, we will need to accept the proxy's certificate, which will not be valid for the true endpoint. Add a new environment variable, GITTEST_REMOTE_SSL_NOVERIFY to disable https certificate validation for the tests.
1 parent 21142c5 commit 4505473

File tree

1 file changed

+18
-0
lines changed

1 file changed

+18
-0
lines changed

tests/online/clone.c

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ static git_clone_options g_options;
2020
static char *_remote_url = NULL;
2121
static char *_remote_user = NULL;
2222
static char *_remote_pass = NULL;
23+
static char *_remote_sslnoverify = NULL;
2324
static char *_remote_ssh_pubkey = NULL;
2425
static char *_remote_ssh_privkey = NULL;
2526
static char *_remote_ssh_passphrase = NULL;
@@ -34,6 +35,18 @@ static int _orig_proxies_need_reset = 0;
3435
static char *_orig_http_proxy = NULL;
3536
static char *_orig_https_proxy = NULL;
3637

38+
static int ssl_cert(git_cert *cert, int valid, const char *host, void *payload)
39+
{
40+
GIT_UNUSED(cert);
41+
GIT_UNUSED(host);
42+
GIT_UNUSED(payload);
43+
44+
if (_remote_sslnoverify != NULL)
45+
valid = 1;
46+
47+
return valid ? 0 : GIT_ECERTIFICATE;
48+
}
49+
3750
void test_online_clone__initialize(void)
3851
{
3952
git_checkout_options dummy_opts = GIT_CHECKOUT_OPTIONS_INIT;
@@ -46,10 +59,12 @@ void test_online_clone__initialize(void)
4659
g_options.checkout_opts = dummy_opts;
4760
g_options.checkout_opts.checkout_strategy = GIT_CHECKOUT_SAFE;
4861
g_options.fetch_opts = dummy_fetch;
62+
g_options.fetch_opts.callbacks.certificate_check = ssl_cert;
4963

5064
_remote_url = cl_getenv("GITTEST_REMOTE_URL");
5165
_remote_user = cl_getenv("GITTEST_REMOTE_USER");
5266
_remote_pass = cl_getenv("GITTEST_REMOTE_PASS");
67+
_remote_sslnoverify = cl_getenv("GITTEST_REMOTE_SSL_NOVERIFY");
5368
_remote_ssh_pubkey = cl_getenv("GITTEST_REMOTE_SSH_PUBKEY");
5469
_remote_ssh_privkey = cl_getenv("GITTEST_REMOTE_SSH_KEY");
5570
_remote_ssh_passphrase = cl_getenv("GITTEST_REMOTE_SSH_PASSPHRASE");
@@ -74,6 +89,7 @@ void test_online_clone__cleanup(void)
7489
git__free(_remote_url);
7590
git__free(_remote_user);
7691
git__free(_remote_pass);
92+
git__free(_remote_sslnoverify);
7793
git__free(_remote_ssh_pubkey);
7894
git__free(_remote_ssh_privkey);
7995
git__free(_remote_ssh_passphrase);
@@ -483,6 +499,7 @@ void test_online_clone__ssh_auth_methods(void)
483499
#endif
484500
g_options.fetch_opts.callbacks.credentials = check_ssh_auth_methods;
485501
g_options.fetch_opts.callbacks.payload = &with_user;
502+
g_options.fetch_opts.callbacks.certificate_check = NULL;
486503

487504
with_user = 0;
488505
cl_git_fail_with(GIT_EUSER,
@@ -535,6 +552,7 @@ void test_online_clone__ssh_with_paths(void)
535552
g_options.fetch_opts.callbacks.transport = git_transport_ssh_with_paths;
536553
g_options.fetch_opts.callbacks.credentials = cred_cb;
537554
g_options.fetch_opts.callbacks.payload = &arr;
555+
g_options.fetch_opts.callbacks.certificate_check = NULL;
538556

539557
cl_git_fail(git_clone(&g_repo, _remote_url, "./foo", &g_options));
540558

0 commit comments

Comments
 (0)