Add more domains to tls_sample_application (#11265)

alexcrichton · alexcrichton · commit cc1506054bc8 · 2025-07-22T07:48:19.000-07:00
Both our current domains failed in https://github.com/bytecodealliance/wasmtime/actions/runs/16349123310/job/46190913918 so add a few more.
diff --git a/crates/test-programs/src/bin/tls_sample_application.rs b/crates/test-programs/src/bin/tls_sample_application.rs
@@ -55,20 +55,30 @@ fn test_tls_invalid_certificate(_domain: &str, ip: IpAddress) -> Result<()> {
         .context("tcp connect failed")?;
 
     match ClientHandshake::new(BAD_DOMAIN, tcp_input, tcp_output).blocking_finish() {
-        // We're expecting an error regarding the "certificate" is some form or
-        // another. When we add more TLS backends this naive
-        // check will likely need to be revisited/expanded:
-        Err(e) if e.to_debug_string().contains("certificate") => Ok(()),
-
-        Err(e) => Err(e.into()),
+        Err(e) => {
+            let debug_string = e.to_debug_string();
+            // We're expecting an error regarding certificates in some form or
+            // another. When we add more TLS backends this naive check will
+            // likely need to be revisited/expanded:
+            if debug_string.contains("certificate") || debug_string.contains("HandshakeFailure") {
+                return Ok(());
+            }
+            Err(e.into())
+        }
         Ok(_) => panic!("expecting server name mismatch"),
     }
 }
 
 fn try_live_endpoints(test: impl Fn(&str, IpAddress) -> Result<()>) {
     // since this is testing remote endpoints to ensure system cert store works
     // the test uses a couple different endpoints to reduce the number of flakes
-    const DOMAINS: &'static [&'static str] = &["example.com", "api.github.com"];
+    const DOMAINS: &'static [&'static str] = &[
+        "example.com",
+        "api.github.com",
+        "docs.wasmtime.dev",
+        "bytecodealliance.org",
+        "www.rust-lang.org",
+    ];
 
     let net = Network::default();
 
@@ -94,6 +104,8 @@ fn try_live_endpoints(test: impl Fn(&str, IpAddress) -> Result<()>) {
 }
 
 fn main() {
+    println!("sample app");
     try_live_endpoints(test_tls_sample_application);
+    println!("invalid cert");
     try_live_endpoints(test_tls_invalid_certificate);
 }
diff --git a/crates/wasi-tls/tests/main.rs b/crates/wasi-tls/tests/main.rs
@@ -27,6 +27,7 @@ async fn run_test(path: &str) -> Result<()> {
     let ctx = Ctx {
         table: ResourceTable::new(),
         wasi_ctx: WasiCtxBuilder::new()
+            .inherit_stdout()
             .inherit_stderr()
             .inherit_network()
             .allow_ip_name_lookup(true)
