|
|
@@ -16,6 +16,7 @@ class SocketCoreTest:public CppUnit::TestFixture {
|
|
|
CPPUNIT_TEST(testGetSocketError);
|
|
|
CPPUNIT_TEST(testInetNtop);
|
|
|
CPPUNIT_TEST(testGetBinAddr);
|
|
|
+ CPPUNIT_TEST(testVerifyHostname);
|
|
|
CPPUNIT_TEST_SUITE_END();
|
|
|
public:
|
|
|
void setUp() {}
|
|
|
@@ -26,6 +27,7 @@ public:
|
|
|
void testGetSocketError();
|
|
|
void testInetNtop();
|
|
|
void testGetBinAddr();
|
|
|
+ void testVerifyHostname();
|
|
|
};
|
|
|
|
|
|
|
|
|
@@ -123,4 +125,88 @@ void SocketCoreTest::testGetBinAddr()
|
|
|
CPPUNIT_ASSERT_EQUAL((size_t)0, net::getBinAddr(dest, "localhost"));
|
|
|
}
|
|
|
|
|
|
+void SocketCoreTest::testVerifyHostname()
|
|
|
+{
|
|
|
+ {
|
|
|
+ std::vector<std::string> dnsNames, ipAddrs;
|
|
|
+ std::string commonName;
|
|
|
+ CPPUNIT_ASSERT(!net::verifyHostname("example.org",
|
|
|
+ dnsNames, ipAddrs, commonName));
|
|
|
+ }
|
|
|
+ {
|
|
|
+ // Only commonName is provided
|
|
|
+ std::vector<std::string> dnsNames, ipAddrs;
|
|
|
+ std::string commonName = "example.org";
|
|
|
+ CPPUNIT_ASSERT(net::verifyHostname("example.org",
|
|
|
+ dnsNames, ipAddrs, commonName));
|
|
|
+ }
|
|
|
+ {
|
|
|
+ // Match against dNSName in subjectAltName
|
|
|
+ std::vector<std::string> dnsNames, ipAddrs;
|
|
|
+ dnsNames.push_back("foo");
|
|
|
+ dnsNames.push_back("example.org");
|
|
|
+ std::string commonName = "exampleX.org";
|
|
|
+ CPPUNIT_ASSERT(net::verifyHostname("example.org",
|
|
|
+ dnsNames, ipAddrs, commonName));
|
|
|
+ }
|
|
|
+ {
|
|
|
+ // If dNsName is provided, don't match with commonName
|
|
|
+ std::vector<std::string> dnsNames, ipAddrs;
|
|
|
+ dnsNames.push_back("foo");
|
|
|
+ dnsNames.push_back("exampleX.org");
|
|
|
+ ipAddrs.push_back("example.org");
|
|
|
+ std::string commonName = "example.org";
|
|
|
+ CPPUNIT_ASSERT(!net::verifyHostname("example.org",
|
|
|
+ dnsNames, ipAddrs, commonName));
|
|
|
+ }
|
|
|
+ {
|
|
|
+ // IPAddress in dnsName don't match.
|
|
|
+ std::vector<std::string> dnsNames, ipAddrs;
|
|
|
+ dnsNames.push_back("192.168.0.1");
|
|
|
+ std::string commonName = "example.org";
|
|
|
+ CPPUNIT_ASSERT(!net::verifyHostname("192.168.0.1",
|
|
|
+ dnsNames, ipAddrs, commonName));
|
|
|
+ }
|
|
|
+ {
|
|
|
+ // IPAddress string match with commonName
|
|
|
+ std::vector<std::string> dnsNames, ipAddrs;
|
|
|
+ std::string commonName = "192.168.0.1";
|
|
|
+ CPPUNIT_ASSERT(net::verifyHostname("192.168.0.1",
|
|
|
+ dnsNames, ipAddrs, commonName));
|
|
|
+ }
|
|
|
+ {
|
|
|
+ // Match against iPAddress in subjectAltName
|
|
|
+ std::vector<std::string> dnsNames, ipAddrs;
|
|
|
+ unsigned char binAddr[16];
|
|
|
+ size_t len;
|
|
|
+ len = net::getBinAddr(binAddr, "192.168.0.1");
|
|
|
+ ipAddrs.push_back(std::string(binAddr, binAddr+len));
|
|
|
+ std::string commonName = "example.org";
|
|
|
+ CPPUNIT_ASSERT(net::verifyHostname("192.168.0.1",
|
|
|
+ dnsNames, ipAddrs, commonName));
|
|
|
+ }
|
|
|
+ {
|
|
|
+ // Match against iPAddress (ipv6) in subjectAltName
|
|
|
+ std::vector<std::string> dnsNames, ipAddrs;
|
|
|
+ unsigned char binAddr[16];
|
|
|
+ size_t len;
|
|
|
+ len = net::getBinAddr(binAddr, "::1");
|
|
|
+ ipAddrs.push_back(std::string(binAddr, binAddr+len));
|
|
|
+ std::string commonName = "example.org";
|
|
|
+ CPPUNIT_ASSERT(net::verifyHostname("::1",
|
|
|
+ dnsNames, ipAddrs, commonName));
|
|
|
+ }
|
|
|
+ {
|
|
|
+ // If iPAddress is privided, don't match with commonName
|
|
|
+ std::vector<std::string> dnsNames, ipAddrs;
|
|
|
+ unsigned char binAddr[16];
|
|
|
+ size_t len;
|
|
|
+ len = net::getBinAddr(binAddr, "192.168.0.2");
|
|
|
+ ipAddrs.push_back(std::string(binAddr, binAddr+len));
|
|
|
+ std::string commonName = "192.168.0.1";
|
|
|
+ CPPUNIT_ASSERT(!net::verifyHostname("192.168.0.1",
|
|
|
+ dnsNames, ipAddrs, commonName));
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
} // namespace aria2
|
Tatsuhiro Tsujikawa