rtls 'Failed to add native certificate too root store: UnsupportedCriticalExtension' main thread panic

[finicu212]

Hi!

I'm trying to fuzz a public yaml: https://github.com/OAI/OpenAPI-Specification/blob/main/examples/v3.0/petstore.yaml with endpoint here https://petstore.swagger.io/v2

however, it fails with message (running with RUST_BACKTRACE=1)

$ openapi-fuzzer -s petstore.yaml -u https://petstore.swagger.io/v2/

thread 'main' panicked at 'Failed to add native certificate too root store: UnsupportedCriticalExtension', C:\Users\Finicu\.cargo\registry\src\github.com-1ecc6299db9ec823\ureq-2.5.0\src\rtls.rs:74:14
stack backtrace:
   0:     0x7ff71a9da9ef - <unknown>
     ... (other <unknown> threads) ...
  22:     0x7ff71aa0515c - <unknown>
  23:     0x7ffaece27034 - BaseThreadInitThunk
  24:     0x7ffaeec82651 - RtlUserThreadStart

Any idea what could be causing this? Thanks!

openapi-fuzzer was installed via cargo $ cargo install openapi-fuzzer ( openapi-fuzzer v0.1.3 )

[matusf]

Hi, it seems that their certificate revocation list contained some unsupported critical extension. Anyway, it seems to be either temporary of fixed. The current version of fuzzer (c487471) runs without errors.

> openapi-fuzzer run -s petstore.yaml -u https://petstore.swagger.io/v2/
METHOD  PATH          STATUS   MEAN (μs) STD.DEV. MIN (μs)   MAX (μs)
GET     pets          failed      126826    51502   119230     535366
POST    pets          failed      119294        0   119294     119294
GET     pets/{petId}  failed      343521   151851   118650     517926