Skip to content

Instantly share code, notes, and snippets.

@alexcrichton

alexcrichton/a.rs Secret

Created April 23, 2020 17:58
Show Gist options
  • Save alexcrichton/ed4e1f2e36edfe6892d46e567d9fbba7 to your computer and use it in GitHub Desktop.
Save alexcrichton/ed4e1f2e36edfe6892d46e567d9fbba7 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
a.rs
use curl::easy::*;
#[derive(Debug, Default)]
struct Test {
url: &'static str,
ciphers: Option<&'static str>,
min_version: Option<SslVersion>,
max_version: Option<SslVersion>,
verbose: bool,
}
fn main() {
bad(Test {
url: "https://expired.badssl.com/",
..Test::default()
});
bad(Test {
url: "https://wrong.host.badssl.com/",
..Test::default()
});
bad(Test {
url: "https://self-signed.badssl.com/",
..Test::default()
});
bad(Test {
url: "https://untrusted-root.badssl.com/",
..Test::default()
});
good(Test {
url: "https://sha1-intermediate.badssl.com/",
..Test::default()
});
bad(Test {
url: "https://dh480.badssl.com/",
..Test::default()
});
bad(Test {
url: "https://dh512.badssl.com/",
..Test::default()
});
good(Test {
url: "https://dh1024.badssl.com/",
..Test::default()
});
good(Test {
url: "https://tls-v1-0.badssl.com:1010/",
..Test::default()
});
bad(Test {
url: "https://tls-v1-0.badssl.com:1010/",
min_version: Some(SslVersion::Tlsv11),
..Test::default()
});
bad(Test {
url: "https://tls-v1-0.badssl.com:1010/",
min_version: Some(SslVersion::Tlsv11),
max_version: Some(SslVersion::Default),
..Test::default()
});
good(Test {
url: "https://tls-v1-1.badssl.com:1011/",
..Test::default()
});
good(Test {
url: "https://tls-v1-1.badssl.com:1011/",
min_version: Some(SslVersion::Tlsv11),
..Test::default()
});
bad(Test {
url: "https://tls-v1-1.badssl.com:1011/",
min_version: Some(SslVersion::Tlsv12),
..Test::default()
});
bad(Test {
url: "https://tls-v1-1.badssl.com:1011/",
min_version: Some(SslVersion::Tlsv12),
max_version: Some(SslVersion::Default),
..Test::default()
});
good(Test {
url: "https://tls-v1-2.badssl.com:1012/",
..Test::default()
});
good(Test {
url: "https://tls-v1-2.badssl.com:1012/",
min_version: Some(SslVersion::Tlsv11),
..Test::default()
});
good(Test {
url: "https://tls-v1-2.badssl.com:1012/",
min_version: Some(SslVersion::Tlsv12),
..Test::default()
});
good(Test {
url: "https://tls-v1-2.badssl.com:1012/",
min_version: Some(SslVersion::Tlsv12),
max_version: Some(SslVersion::Default),
..Test::default()
});
bad(Test {
url: "https://rc4-md5.badssl.com/",
..Test::default()
});
bad(Test {
url: "https://rc4.badssl.com/",
..Test::default()
});
bad(Test {
url: "https://3des.badssl.com/",
..Test::default()
});
bad(Test {
url: "https://null.badssl.com/",
..Test::default()
});
}
fn bad(test: Test) {
match run(&test) {
Ok(_) => {
println!("GOOD NOT BAD");
println!("\t{:?}", test);
}
Err(e) if e.is_ssl_connect_error() => {}
Err(e) if e.is_peer_failed_verification() => {}
Err(e) => {
println!("WRONG ERROR");
println!("\t{:?}", test);
println!("\t{:?}", e);
}
}
}
fn good(test: Test) {
match run(&test) {
Ok(_) => {}
Err(e) => {
println!("BAD NOT GOOD");
println!("\t{:?}", test);
println!("\t{:?}", e);
}
}
}
fn run(test: &Test) -> Result<u32, curl::Error> {
let mut h = Easy::new();
h.get(true)?;
h.url(test.url)?;
h.verbose(test.verbose)?;
if let Some(ciphers) = test.ciphers {
h.ssl_cipher_list(ciphers)?;
}
match (test.min_version, test.max_version) {
(Some(min), Some(max)) => {
h.ssl_min_max_version(min, max)?;
}
(Some(v), None) | (None, Some(v)) => {
h.ssl_version(v)?;
}
(None, None) => {}
}
h.perform()?;
h.response_code()
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment