From a1b603e73c42778f1aa3bf786a0ef0de9cded3fb Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Mon, 18 Nov 2019 15:13:56 +0000
Subject: [PATCH] CPP: Add the examples to the test.

---
 .../TlsSettingsMisconfiguration.expected      |  1 +
 .../Likely Bugs/Protocols/test3.cpp           | 19 +++++++++++++++++++
 2 files changed, 20 insertions(+)
 create mode 100644 cpp/ql/test/query-tests/Likely Bugs/Protocols/test3.cpp

diff --git a/cpp/ql/test/query-tests/Likely Bugs/Protocols/TlsSettingsMisconfiguration.expected b/cpp/ql/test/query-tests/Likely Bugs/Protocols/TlsSettingsMisconfiguration.expected
index c6883e156d1..26e1ba28f49 100644
--- a/cpp/ql/test/query-tests/Likely Bugs/Protocols/TlsSettingsMisconfiguration.expected	
+++ b/cpp/ql/test/query-tests/Likely Bugs/Protocols/TlsSettingsMisconfiguration.expected	
@@ -9,6 +9,7 @@
 | test2.cpp:52:32:52:65 | call to context | Usage of $@ with protocol $@ is not configured correctly: The option $@. | test2.cpp:52:32:52:65 | call to context | boost::asio::ssl::context::context | test2.cpp:52:32:52:64 | sslv23 | sslv23 | test2.cpp:52:32:52:65 | call to context | no_sslv3 has not been set |
 | test2.cpp:52:32:52:65 | call to context | Usage of $@ with protocol $@ is not configured correctly: The option $@. | test2.cpp:52:32:52:65 | call to context | boost::asio::ssl::context::context | test2.cpp:52:32:52:64 | sslv23 | sslv23 | test2.cpp:52:32:52:65 | call to context | no_tlsv1 has not been set |
 | test2.cpp:52:32:52:65 | call to context | Usage of $@ with protocol $@ is not configured correctly: The option $@. | test2.cpp:52:32:52:65 | call to context | boost::asio::ssl::context::context | test2.cpp:52:32:52:64 | sslv23 | sslv23 | test2.cpp:52:32:52:65 | call to context | no_tlsv1_1 has not been set |
+| test3.cpp:7:32:7:62 | call to context | Usage of $@ with protocol $@ is not configured correctly: The option $@. | test3.cpp:7:32:7:62 | call to context | boost::asio::ssl::context::context | test3.cpp:7:32:7:61 | tls | tls | test3.cpp:7:32:7:62 | call to context | no_tlsv1_1 has not been set |
 | test.cpp:25:32:25:65 | call to context | Usage of $@ with protocol $@ is not configured correctly: The option $@. | test.cpp:25:32:25:65 | call to context | boost::asio::ssl::context::context | test.cpp:25:32:25:64 | sslv23 | sslv23 | test.cpp:25:32:25:65 | call to context | no_sslv3 has not been set |
 | test.cpp:31:32:31:65 | call to context | Usage of $@ with protocol $@ is not configured correctly: The option $@. | test.cpp:31:32:31:65 | call to context | boost::asio::ssl::context::context | test.cpp:31:32:31:64 | sslv23 | sslv23 | test.cpp:31:32:31:65 | call to context | no_sslv3 has not been set |
 | test.cpp:31:32:31:65 | call to context | Usage of $@ with protocol $@ is not configured correctly: The option $@. | test.cpp:31:32:31:65 | call to context | boost::asio::ssl::context::context | test.cpp:31:32:31:64 | sslv23 | sslv23 | test.cpp:31:32:31:65 | call to context | no_tlsv1 has not been set |
diff --git a/cpp/ql/test/query-tests/Likely Bugs/Protocols/test3.cpp b/cpp/ql/test/query-tests/Likely Bugs/Protocols/test3.cpp
new file mode 100644
index 00000000000..0e251e63195
--- /dev/null
+++ b/cpp/ql/test/query-tests/Likely Bugs/Protocols/test3.cpp	
@@ -0,0 +1,19 @@
+#include "asio/boost_simulation.hpp"
+
+// examples from the qhelp...
+
+void useTLS_bad()
+{
+	boost::asio::ssl::context ctx(boost::asio::ssl::context::tls);
+	ctx.set_options(boost::asio::ssl::context::no_tlsv1); // BAD: missing SSL_OP_NO_TLSv1_1
+
+	// ...
+}
+
+void useTLS_good()
+{
+	boost::asio::ssl::context ctx(boost::asio::ssl::context::tls);
+	ctx.set_options(boost::asio::ssl::context::no_tlsv1 | boost::asio::ssl::context::no_tlsv1_1); // GOOD
+
+	// ...
+}