Swift
summaryrefslogtreecommitdiffstats
path: root/Swiften/QA/TLSTest/CertificateErrorTest.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'Swiften/QA/TLSTest/CertificateErrorTest.cpp')
-rw-r--r--Swiften/QA/TLSTest/CertificateErrorTest.cpp5
1 files changed, 5 insertions, 0 deletions
diff --git a/Swiften/QA/TLSTest/CertificateErrorTest.cpp b/Swiften/QA/TLSTest/CertificateErrorTest.cpp
index 3b33e8e..1d87994 100644
--- a/Swiften/QA/TLSTest/CertificateErrorTest.cpp
+++ b/Swiften/QA/TLSTest/CertificateErrorTest.cpp
@@ -97,61 +97,66 @@ class CertificateErrorTest : public CppUnit::TestFixture {
void connectToServer(boost::shared_ptr<TLSConnection> connection, const std::string& hostname, int port) {
connection->onConnectFinished.connect(boost::bind(&CertificateErrorTest::handleConnectFinished, this, _1));
HostAddress address = resolveName(hostname);
connection->connect(HostAddressPort(address, port));
while (!connectFinished_) {
eventLoop_->processEvents();
}
}
void testTLS_O_MaticTrusted() {
boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection());
TLSContext* context = connection->getTLSContext();
connectToServer(connection, "test1.tls-o-matic.com", 443);
CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_);
CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::ref(), context->getPeerCertificateVerificationError());
}
void testTLS_O_MaticCertificateFromTheFuture() {
boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection());
TLSContext* context = connection->getTLSContext();
connectToServer(connection, "test5.tls-o-matic.com", 405);
CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_);
CPPUNIT_ASSERT(context->getPeerCertificateVerificationError());
+#if defined(HAVE_SCHANNEL)
+ // Windows SChannel API does not differentiate between expired and not yet valid.
+ CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Expired, context->getPeerCertificateVerificationError()->getType());
+#else
CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::NotYetValid, context->getPeerCertificateVerificationError()->getType());
+#endif
}
void testTLS_O_MaticCertificateFromThePast() {
boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection());
TLSContext* context = connection->getTLSContext();
connectToServer(connection, "test6.tls-o-matic.com", 406);
CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_);
CPPUNIT_ASSERT(context->getPeerCertificateVerificationError());
CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Expired, context->getPeerCertificateVerificationError()->getType());
}
void testTLS_O_MaticCertificateFromUnknownCA() {
boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection());
TLSContext* context = connection->getTLSContext();
connectToServer(connection, "test7.tls-o-matic.com", 407);
CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_);
CPPUNIT_ASSERT(context->getPeerCertificateVerificationError());
CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Untrusted, context->getPeerCertificateVerificationError()->getType());
}
// test14.tls-o-matic.com:414
void testTLS_O_MaticCertificateWrongPurpose() {
boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection());
TLSContext* context = connection->getTLSContext();
connectToServer(connection, "test14.tls-o-matic.com", 414);