From 23fe1e85e96a1148da1b9bfee570880770eca3cb Mon Sep 17 00:00:00 2001
From: Steven Fackler <sfackler@gmail.com>
Date: Sat, 29 Oct 2016 18:16:45 -0700
Subject: [PATCH] Pull Curl's CA list for Windows tests

---
 appveyor.yml                 | 2 ++
 openssl/src/ssl/mod.rs       | 2 +-
 openssl/src/ssl/tests/mod.rs | 5 -----
 3 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/appveyor.yml b/appveyor.yml
index 9a7a3dc7..3e23044e 100644
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -1,4 +1,5 @@
 environment:
+  SSL_CERT_FILE: "C:\\OpenSSL\\cacert.pem"
   matrix:
     # 1.1.0, 64/32 bit
     - TARGET: i686-pc-windows-gnu
@@ -23,6 +24,7 @@ install:
   # install OpenSSL
   - ps: Start-FileDownload "http://slproweb.com/download/Win${env:BITS}OpenSSL-${env:OPENSSL_VERSION}.exe"
   - Win%BITS%OpenSSL-%OPENSSL_VERSION%.exe /SILENT /VERYSILENT /SP- /DIR="C:\OpenSSL"
+  - ps: Start-FileDownload "https://curl.haxx.se/ca/cacert.pem" -FileName "C:\OpenSSL\cacert.pem"
 
   # Install Rust
   - curl -sSf -o rustup-init.exe https://win.rustup.rs/
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index ae7abea9..cd7c1426 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -7,7 +7,7 @@
 //!
 //! To connect as a client to a remote server:
 //!
-//! ```no_run
+//! ```
 //! use openssl::ssl::ClientConnectorBuilder;
 //! use std::io::{Read, Write};
 //! use std::net::TcpStream;
diff --git a/openssl/src/ssl/tests/mod.rs b/openssl/src/ssl/tests/mod.rs
index f98f9928..5a8067c9 100644
--- a/openssl/src/ssl/tests/mod.rs
+++ b/openssl/src/ssl/tests/mod.rs
@@ -1018,7 +1018,6 @@ fn refcount_ssl_context() {
 }
 
 #[test]
-#[cfg_attr(windows, ignore)] // don't have a trusted CA list easily available :(
 fn default_verify_paths() {
     let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
     ctx.set_default_verify_paths().unwrap();
@@ -1044,7 +1043,6 @@ fn add_extra_chain_cert() {
 }
 
 #[test]
-#[cfg_attr(windows, ignore)] // don't have a trusted CA list easily available :(
 #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))]
 fn verify_valid_hostname() {
     let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
@@ -1068,7 +1066,6 @@ fn verify_valid_hostname() {
 }
 
 #[test]
-#[cfg_attr(windows, ignore)] // don't have a trusted CA list easily available :(
 #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))]
 fn verify_invalid_hostname() {
     let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
@@ -1084,7 +1081,6 @@ fn verify_invalid_hostname() {
 }
 
 #[test]
-#[cfg_attr(windows, ignore)] // don't have a trusted CA list easily available :(
 fn connector_valid_hostname() {
     let connector = ClientConnectorBuilder::tls().unwrap().build();
 
@@ -1101,7 +1097,6 @@ fn connector_valid_hostname() {
 }
 
 #[test]
-#[cfg_attr(windows, ignore)] // don't have a trusted CA list easily available :(
 fn connector_invalid_hostname() {
     let connector = ClientConnectorBuilder::tls().unwrap().build();