curl/tests/data/test2079
Marc Hoersken b3e1ed3160
tests: add Schannel-specific tests and disable unsupported ones
Adds Schannel variants of SSLpinning tests that include the option
--ssl-revoke-best-effort to ignore certificate revocation check
failures which is required due to our custom test CA certificate.

Disable the original variants if the Schannel backend is enabled.

Also skip all IDN tests which are broken while using an msys shell.

This is a step to simplify test exclusions for Windows and MinGW.

Reviewed-by: Jay Satiro
Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Closes #7968
2021-11-09 06:34:33 +01:00

62 lines
1.1 KiB
Plaintext

<testcase>
<info>
<keywords>
HTTPS
HTTP GET
PEM certificate
</keywords>
</info>
#
# Server-side
<reply>
<data>
HTTP/1.1 200 OK
Date: Tue, 09 Nov 2010 14:49:00 GMT
Server: test-server/fake
Content-Length: 7
MooMoo
</data>
</reply>
#
# Client-side
<client>
<features>
SSL
SSLpinning
Schannel
</features>
<server>
https Server-localhost-sv.pem
</server>
<name>
simple HTTPS GET with PEM public key pinning (Schannel variant)
</name>
<setenv>
# This test is pointless if we're not using the schannel backend
CURL_SSL_BACKEND=schannel
</setenv>
<command>
--cacert %SRCDIR/certs/EdelCurlRoot-ca.crt --pinnedpubkey %SRCDIR/certs/Server-localhost-sv.pub.pem --ssl-revoke-best-effort https://localhost:%HTTPSPORT/%TESTNUMBER
</command>
# Ensure that we're running on localhost because we're checking the host name
<precheck>
perl -e "print 'Test requires default test server host' if ( '%HOSTIP' ne '127.0.0.1' );"
</precheck>
</client>
#
# Verify data after the test has been "shot"
<verify>
<protocol>
GET /%TESTNUMBER HTTP/1.1
Host: localhost:%HTTPSPORT
User-Agent: curl/%VERSION
Accept: */*
</protocol>
</verify>
</testcase>