19 May
2010
19 May
'10
3:10 p.m.
I don't see a good reason for writing small http server in tests. It's a lot of work. Certificate verification errors can be checked in crypt32 tests, it can be done locally (there are already some tests).
The crypt32 tests don't demonstrate the change you're making. wininet (and winhttp) really need their own tests for how certificate failures should be handled. A local http server would be ideal, but I wasn't asking for that: I only asked for a single test certificate, as even a single test would be useful, even if it doesn't provide much coverage. Right now, all certificates could be accepted or rejected, and we wouldn't know until bug reports started coming in. --Juan