lib/ureq
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Handle 400-error from client.badssl.com

Browse Source
This commit is contained in:
Martin Algesten
2021-11-26 14:21:41 +01:00
parent a6d1750f14
commit 3709221a28
1 changed files with 30 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
tests/https-agent.rs
View File

@@ -23,6 +23,8 @@ fn agent_set_header() {
assert_eq!("value", json.headers.get("Header").unwrap()); assert_eq!("value", json.headers.get("Header").unwrap());
} }
// From here https://badssl.com/download/
// Decrypt key with: openssl rsa -in ./badssl.com-client.pem
#[cfg(feature = "tls")] #[cfg(feature = "tls")]
const BADSSL_CLIENT_CERT_PEM: &str = r#"Bag Attributes const BADSSL_CLIENT_CERT_PEM: &str = r#"Bag Attributes
localKeyID: 41 C3 6C 33 C7 E3 36 DD EA 4A 1F C0 B7 23 B8 E6 9C DC D8 0F localKeyID: 41 C3 6C 33 C7 E3 36 DD EA 4A 1F C0 B7 23 B8 E6 9C DC D8 0F
@@ -92,6 +94,8 @@ m0Wqhhi8/24Sy934t5Txgkfoltg8ahkx934WjP6WWRnSAu+cf+vW
#[cfg(feature = "tls")] #[cfg(feature = "tls")]
#[test] #[test]
fn tls_client_certificate() { fn tls_client_certificate() {
use ureq::OrAnyStatus;
let certs = rustls_pemfile::certs(&mut BADSSL_CLIENT_CERT_PEM.as_bytes()) let certs = rustls_pemfile::certs(&mut BADSSL_CLIENT_CERT_PEM.as_bytes())
.unwrap() .unwrap()
.into_iter() .into_iter()
@@ -119,7 +123,31 @@ fn tls_client_certificate() {
.tls_config(std::sync::Arc::new(tls_config)) .tls_config(std::sync::Arc::new(tls_config))
.build(); .build();
let resp = agent.get("https://client.badssl.com/").call().unwrap(); let resp = agent.get("https://client.badssl.com/").call();
assert_eq!(resp.status(), 200); // 26 Nov 2021, client.badssl.com responds with a 400:
// In practice this doesn't matter since this test only tries to prove that
// we can use a client certificate and the TLS negotiation does work.
// However our test used to check for a 200, and thus fails.
// < HTTP/1.1 400 Bad Request
// < Server: nginx/1.10.3 (Ubuntu)
// < Date: Fri, 26 Nov 2021 13:13:23 GMT
// < Content-Type: text/html
// < Content-Length: 240
// < Connection: close
// <
// <html>
// <head><title>400 The SSL certificate error</title></head>
// <body bgcolor="white">
// <center><h1>400 Bad Request</h1></center>
// <center>The SSL certificate error</center>
// <hr><center>nginx/1.10.3 (Ubuntu)</center>
// </body>
// We accept that 400 error, but .unwrap() here will fail if the TLS
// negotiation didn't succeed, and that's what we're testing for.
let resp = resp.or_any_status().unwrap();
assert!(resp.into_string().unwrap().len() > 10);
} }