min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Avoid false-failures if underlying network connection errors 

In Air-Gapped or otherwise network-restricted environments,
   TcpStream::connect can spuriously fail due to name resolution
   failure, or just in establishing the socket itself.

In this situation, the test can't give a meaningful result, and this
failure doesn't indicate a problem in the OpenSSL stack.

Bug: https://github.com/sfackler/rust-openssl/issues/1215
This commit is contained in:
Kent Fredric 2019-12-27 21:15:39 +13:00
parent 9b2eced529
commit bba670dc90
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
openssl/src/ssl/test/mod.rs
View File

@ -601,7 +601,10 @@ fn default_verify_paths() {
ctx.set_default_verify_paths().unwrap();
ctx.set_verify(SslVerifyMode::PEER);
let ctx = ctx.build();
let s = TcpStream::connect("google.com:443").unwrap();
let s = match TcpStream::connect("google.com:443") {
Ok(s) => s,
Err(_) => return,
};
let mut ssl = Ssl::new(&ctx).unwrap();
ssl.set_hostname("google.com").unwrap();
let mut socket = ssl.connect(s).unwrap();