diff options
author | Richard J. Moore <rich@kde.org> | 2010-06-06 21:10:08 (GMT) |
---|---|---|
committer | Peter Hartmann <peter.hartmann@nokia.com> | 2010-07-09 12:34:57 (GMT) |
commit | 5f6018564668d368f75e431c4cdac88d7421cff0 (patch) | |
tree | 3b2ded624dd6a91370a9cc641015a0f765045d7d /tests/auto/qsslsocket | |
parent | 6ee0091a966fe09256b6285a047ae2eff55622e2 (diff) | |
download | Qt-5f6018564668d368f75e431c4cdac88d7421cff0.zip Qt-5f6018564668d368f75e431c4cdac88d7421cff0.tar.gz Qt-5f6018564668d368f75e431c4cdac88d7421cff0.tar.bz2 |
Fix handling of SSL certificates with wildcard domain names
Merge-request: 731
Task-number: QTBUG-4455
Reviewed-by: Peter Hartmann
Diffstat (limited to 'tests/auto/qsslsocket')
-rw-r--r-- | tests/auto/qsslsocket/tst_qsslsocket.cpp | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/tests/auto/qsslsocket/tst_qsslsocket.cpp b/tests/auto/qsslsocket/tst_qsslsocket.cpp index 0cf638b..0c12974 100644 --- a/tests/auto/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/qsslsocket/tst_qsslsocket.cpp @@ -55,6 +55,7 @@ #include <QAuthenticator> #include "private/qhostinfo_p.h" +#include "private/qsslsocket_openssl_p.h" #include "../network-settings.h" @@ -163,6 +164,7 @@ private slots: void setDefaultCiphers(); void supportedCiphers(); void systemCaCertificates(); + void wildcardCertificateNames(); void wildcard(); void setEmptyKey(); void spontaneousWrite(); @@ -1063,6 +1065,28 @@ void tst_QSslSocket::systemCaCertificates() QCOMPARE(certs, QSslSocket::defaultCaCertificates()); } +void tst_QSslSocket::wildcardCertificateNames() +{ + // Passing CN matches + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("www.example.com"), QString("www.example.com")), true ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example.com"), QString("www.example.com")), true ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("xxx*.example.com"), QString("xxxwww.example.com")), true ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("f*.example.com"), QString("foo.example.com")), true ); + + // Failing CN matches + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("xxx.example.com"), QString("www.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*"), QString("www.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.*.com"), QString("www.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example.com"), QString("baa.foo.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("f*.example.com"), QString("baa.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.com"), QString("example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*fail.com"), QString("example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example."), QString("www.example.")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example."), QString("www.example")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString(""), QString("www")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*"), QString("www")), false ); +} + void tst_QSslSocket::wildcard() { QSKIP("TODO: solve wildcard problem", SkipAll); |