From 915c0875428e73e9e41a5da05f9d80671da9533c Mon Sep 17 00:00:00 2001
From: Tobias Markmann <tm@ayena.de>
Date: Mon, 8 Feb 2016 17:08:16 +0100
Subject: Fix and adjust TLSTest to Windows SChannel backend

Test-Information:

./scons test=system Swiften/QA/TLSTest passes on Windows 8.

Change-Id: I688ec5d0022c02879ff56029d724e6dd30b89a99

diff --git a/Swiften/QA/TLSTest/CertificateErrorTest.cpp b/Swiften/QA/TLSTest/CertificateErrorTest.cpp
index 3b33e8e..1d87994 100644
--- a/Swiften/QA/TLSTest/CertificateErrorTest.cpp
+++ b/Swiften/QA/TLSTest/CertificateErrorTest.cpp
@@ -124,7 +124,12 @@ class CertificateErrorTest : public CppUnit::TestFixture {
 
 			CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_);
 			CPPUNIT_ASSERT(context->getPeerCertificateVerificationError());
+#if defined(HAVE_SCHANNEL)
+			// Windows SChannel API does not differentiate between expired and not yet valid.
+			CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Expired, context->getPeerCertificateVerificationError()->getType());
+#else
 			CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::NotYetValid, context->getPeerCertificateVerificationError()->getType());
+#endif
 		}
 
 		void testTLS_O_MaticCertificateFromThePast() {
diff --git a/Swiften/QA/TLSTest/SConscript b/Swiften/QA/TLSTest/SConscript
index c597ab1..0ac50e6 100644
--- a/Swiften/QA/TLSTest/SConscript
+++ b/Swiften/QA/TLSTest/SConscript
@@ -10,8 +10,15 @@ if env["TEST"] :
 	myenv.MergeFlags(myenv["SWIFTEN_DEP_FLAGS"])
 	myenv.MergeFlags(myenv["CPPUNIT_FLAGS"])
 	
+	if myenv.get("HAVE_OPENSSL", 0) :
+		myenv.Append(CPPDEFINES = "HAVE_OPENSSL")
+	elif myenv.get("HAVE_SCHANNEL", 0) :
+		myenv.Append(CPPDEFINES = "HAVE_SCHANNEL")
+	elif myenv.get("HAVE_SECURETRANSPORT", 0) :
+		myenv.Append(CPPDEFINES = "HAVE_SECURETRANSPORT")
+	
 	tester = myenv.Program("TLSTest", [
 			"CertificateTest.cpp",
 			"CertificateErrorTest.cpp"
 		])
-	myenv.Test(tester, "system")
+	myenv.Test(tester, "system")
\ No newline at end of file
diff --git a/Swiften/TLS/Schannel/SchannelContext.cpp b/Swiften/TLS/Schannel/SchannelContext.cpp
index 70ff7dd..62aa137 100644
--- a/Swiften/TLS/Schannel/SchannelContext.cpp
+++ b/Swiften/TLS/Schannel/SchannelContext.cpp
@@ -5,18 +5,20 @@
  */
 
 /*
- * Copyright (c) 2012-2015 Isode Limited.
+ * Copyright (c) 2012-2016 Isode Limited.
  * All rights reserved.
  * See the COPYING file for more information.
  */
 
+#include <Swiften/TLS/Schannel/SchannelContext.h>
+
 #include <boost/bind.hpp>
 
-#include <Swiften/TLS/Schannel/SchannelContext.h>
-#include <Swiften/TLS/Schannel/SchannelCertificate.h>
-#include <Swiften/TLS/CAPICertificate.h>
 #include <WinHTTP.h> /* For SECURITY_FLAG_IGNORE_CERT_CN_INVALID */
 
+#include <Swiften/TLS/CAPICertificate.h>
+#include <Swiften/TLS/Schannel/SchannelCertificate.h>
+
 namespace Swift {
 
 //------------------------------------------------------------------------
@@ -392,6 +394,9 @@ void SchannelContext::handleCertError(SECURITY_STATUS status)
 			 status == CRYPT_E_REVOCATION_OFFLINE) {
 		verificationError_ = CertificateVerificationError::RevocationCheckFailed;
 	}
+	else if (status == CERT_E_WRONG_USAGE) {
+		verificationError_ = CertificateVerificationError::InvalidPurpose;
+	}
 	else {
 		verificationError_ = CertificateVerificationError::UnknownError;
 	}
-- 
cgit v0.10.2-6-g49f6