Add option ssl-no-revoke

Fabrice Reix 2023-01-13 08:08:14 +01:00 committed by jcamiel
parent b6afcb7da2
commit f12ce3e597
No known key found for this signature in database
GPG Key ID: 07FF11CFD55356CC
7 changed files with 45 additions and 15 deletions


@ -1,3 +1,5 @@
# Access an SSL endpoint with a custom CA
# Remark: The option --ssl-no-revoke must be set for windows
GET https://localhost:8002/hello
HTTP 200
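Review bot: The added remark says `--ssl-no-revoke` must be set for Windows but not why, and a reader may copy the option into a real run on the strength of it. If the reason is that the test CA publishes no revocation endpoint that Schannel can reach (presumably, since the certificate comes from a local `ssl/ca`), say so, e.g. `# Remark: on Windows (Schannel) the test CA has no reachable revocation endpoint, so --ssl-no-revoke is required; do not use it against real servers`.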


@ -1,2 +1,4 @@
--cacert
ssl/ca/cert.pem
--ssl-no-revoke


@ -61,6 +61,7 @@ pub struct CliOptions {
pub retry: bool,
pub retry_interval: Duration,
pub retry_max_count: Option<usize>,
pub ssl_no_revoke: bool,
pub test: bool,
pub timeout: Duration,
pub to_entry: Option<usize>,
@ -339,6 +340,12 @@ pub fn app(version: &str) -> Command {
.value_parser(value_parser!(i32).range(-1..))
.num_args(1)
)
.arg(
clap::Arg::new("ssl_no_revoke")
.long("ssl-no-revoke")
.help("(Schannel) This option tells curl to disable certificate revocation checks. WARNING: this option loosens the SSL security, and by using this flag you ask for exactly that.")
.action(ArgAction::SetTrue)
)
.arg(
clap::Arg::new("test")
.long("test")
@ -502,6 +509,7 @@ pub fn parse_options(matches: &ArgMatches) -> Result<CliOptions, CliError> {
r if r == -1 => None,
r => Some(r as usize),
};
let ssl_no_revoke = has_flag(matches, "ssl_no_revoke");
let timeout = get::<u64>(matches, "max_time").unwrap();
let timeout = Duration::from_secs(timeout);
let to_entry = get::<u32>(matches, "to_entry").map(|x| x as usize);
@ -540,6 +548,7 @@ pub fn parse_options(matches: &ArgMatches) -> Result<CliOptions, CliError> {
retry,
retry_interval,
retry_max_count,
ssl_no_revoke,
test,
timeout,
to_entry,
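Review bot: The help string for `ssl_no_revoke` warns that the option "loosens the SSL security" without saying what is actually given up, and the only hint that it is backend-specific is the leading `(Schannel)` tag. A more direct wording would be `.help("(Windows/Schannel only) Disable certificate revocation checks: a revoked server certificate will be accepted. Ignored by other TLS backends.")`. The `app` and `parse_options` bodies both continue outside the hunks shown, so this covers only the added argument.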


@ -33,7 +33,7 @@ use crate::cli::Logger;
use crate::http::ContextDir;
use base64::engine::general_purpose;
use base64::Engine;
use curl::easy::List;
use curl::easy::{List, SslOpt};
use std::str::FromStr;
use url::Url;
@ -162,6 +162,8 @@ impl Client {
.connect_timeout(options.connect_timeout)
.unwrap();
self.set_ssl_options(options.ssl_no_revoke);
let url = self.generate_url(&request_spec.url, &request_spec.querystring);
self.handle.url(url.as_str()).unwrap();
let method = &request_spec.method;
@ -494,6 +496,13 @@ impl Client {
}
}
/// Sets SSL options
fn set_ssl_options(&mut self, no_revoke: bool) {
let mut ssl_opt = SslOpt::new();
ssl_opt.no_revoke(no_revoke);
self.handle.ssl_options(&ssl_opt).unwrap();
}
/// URL encodes parameters.
fn url_encode_params(&mut self, params: &[Param]) -> String {
params
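Review bot: `set_ssl_options` builds a fresh `SslOpt` and passes it to `ssl_options` on every request, so whatever is set here becomes the handle's complete SSL option bitmask; any later option has to be added in this function, and the doc comment `/// Sets SSL options` records none of that. I would expand it to `/// Sets the libcurl SSL option bitmask for this request. no_revoke disables certificate revocation checks (Schannel only), so a revoked certificate is accepted.` Where a logger is in reach, a warning when `no_revoke` is true would make a run with weakened certificate validation visible in the output. The `.unwrap()` on `ssl_options` matches the neighbouring calls, but it turns a libcurl build that rejects the option into a panic, which is worth checking against the builds you ship. If the Windows failure is only an unreachable revocation server, libcurl's `CURLSSLOPT_REVOKE_BEST_EFFORT` is a narrower relaxation to consider.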


@ -22,21 +22,22 @@ pub struct ClientOptions {
pub cacert_file: Option<String>,
pub client_cert_file: Option<String>,
pub client_key_file: Option<String>,
pub compressed: bool,
pub connect_timeout: Duration,
pub connects_to: Vec<String>,
pub follow_location: bool,
pub max_redirect: Option<usize>,
pub cookie_input_file: Option<String>,
pub proxy: Option<String>,
pub no_proxy: Option<String>,
pub verbosity: Option<Verbosity>,
pub follow_location: bool,
pub insecure: bool,
pub max_redirect: Option<usize>,
pub no_proxy: Option<String>,
pub proxy: Option<String>,
pub resolves: Vec<String>,
pub retry_max_count: Option<usize>,
pub ssl_no_revoke: bool,
pub timeout: Duration,
pub connect_timeout: Duration,
pub user: Option<String>,
pub user_agent: Option<String>,
pub compressed: bool,
pub verbosity: Option<Verbosity>,
}
#[derive(Clone, Debug, PartialEq, Eq)]
@ -51,21 +52,22 @@ impl Default for ClientOptions {
cacert_file: None,
client_cert_file: None,
client_key_file: None,
compressed: false,
connect_timeout: Duration::from_secs(300),
connects_to: vec![],
follow_location: false,
max_redirect: Some(50),
cookie_input_file: None,
proxy: None,
no_proxy: None,
verbosity: None,
follow_location: false,
insecure: false,
max_redirect: Some(50),
no_proxy: None,
proxy: None,
resolves: vec![],
retry_max_count: Some(10),
ssl_no_revoke: false,
timeout: Duration::from_secs(300),
connect_timeout: Duration::from_secs(300),
user: None,
user_agent: None,
compressed: false,
verbosity: None,
}
}
}
@ -166,6 +168,7 @@ mod tests {
"bar.com:443:127.0.0.1".to_string()
],
retry_max_count: Some(10),
ssl_no_revoke: false,
timeout: Duration::from_secs(10),
connect_timeout: Duration::from_secs(20),
user: Some("user:password".to_string()),


@ -239,6 +239,7 @@ impl From<&RunnerOptions> for ClientOptions {
insecure: runner_options.insecure,
resolves: runner_options.resolves.clone(),
retry_max_count: runner_options.retry_max_count,
ssl_no_revoke: runner_options.ssl_no_revoke,
timeout: runner_options.timeout,
connect_timeout: runner_options.connect_timeout,
user: runner_options.user.clone(),


@ -299,6 +299,7 @@ impl RunnerOptionsBuilder {
retry: self.retry,
retry_interval: self.retry_interval,
retry_max_count: self.retry_max_count,
ssl_no_revoke: false,
timeout: self.timeout,
to_entry: self.to_entry,
user: self.user.clone(),
@ -331,6 +332,7 @@ pub struct RunnerOptions {
pub(crate) retry: bool,
pub(crate) retry_interval: Duration,
pub(crate) retry_max_count: Option<usize>,
pub(crate) ssl_no_revoke: bool,
pub(crate) timeout: Duration,
pub(crate) to_entry: Option<usize>,
pub(crate) user: Option<String>,
@ -395,6 +397,7 @@ impl RunnerOptions {
let retry_interval = cli_options.retry_interval;
let retry_max_count = cli_options.retry_max_count;
let ignore_asserts = cli_options.ignore_asserts;
let ssl_no_revoke = cli_options.ssl_no_revoke;
RunnerOptions {
cacert_file,
@ -418,6 +421,7 @@ impl RunnerOptions {
retry,
retry_interval,
retry_max_count,
ssl_no_revoke,
timeout,
to_entry,
user,
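Review bot: In the `RunnerOptionsBuilder` hunk the new field is hard-coded as `ssl_no_revoke: false`, while its neighbours are copied from `self`, so the option can only be enabled through the CLI path in the later hunks. Keeping revocation checks on for builder users is the safe default, but nothing marks it as deliberate. Either add a comment such as `// Revocation checks cannot be disabled through the builder; only the CLI exposes --ssl-no-revoke.` or give the builder a matching field and setter defaulting to `false`. The builder and `RunnerOptions` bodies extend beyond the hunks shown here.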