| // Copyright 2011 The Go Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| package tls |
| |
| import ( |
| "crypto/x509" |
| "runtime" |
| "testing" |
| ) |
| |
| var tlsServers = []string{ |
| "google.com", |
| "github.com", |
| "twitter.com", |
| } |
| |
| func TestOSCertBundles(t *testing.T) { |
| if testing.Short() { |
| t.Logf("skipping certificate tests in short mode") |
| return |
| } |
| |
| for _, addr := range tlsServers { |
| conn, err := Dial("tcp", addr+":443", &Config{ServerName: addr}) |
| if err != nil { |
| t.Errorf("unable to verify %v: %v", addr, err) |
| continue |
| } |
| err = conn.Close() |
| if err != nil { |
| t.Error(err) |
| } |
| } |
| } |
| |
| func TestCertHostnameVerifyWindows(t *testing.T) { |
| if runtime.GOOS != "windows" { |
| return |
| } |
| |
| if testing.Short() { |
| t.Logf("skipping certificate tests in short mode") |
| return |
| } |
| |
| for _, addr := range tlsServers { |
| cfg := &Config{ServerName: "example.com"} |
| conn, err := Dial("tcp", addr+":443", cfg) |
| if err == nil { |
| conn.Close() |
| t.Errorf("should fail to verify for example.com: %v", addr) |
| continue |
| } |
| _, ok := err.(x509.HostnameError) |
| if !ok { |
| t.Errorf("error type mismatch, got: %v", err) |
| } |
| } |
| } |