summaryrefslogtreecommitdiffstats
path: root/tests/auto/qsslsocket
diff options
context:
space:
mode:
authorRichard J. Moore <rich@kde.org>2010-06-06 21:10:08 (GMT)
committerPeter Hartmann <peter.hartmann@nokia.com>2010-07-09 12:34:57 (GMT)
commit5f6018564668d368f75e431c4cdac88d7421cff0 (patch)
tree3b2ded624dd6a91370a9cc641015a0f765045d7d /tests/auto/qsslsocket
parent6ee0091a966fe09256b6285a047ae2eff55622e2 (diff)
downloadQt-5f6018564668d368f75e431c4cdac88d7421cff0.zip
Qt-5f6018564668d368f75e431c4cdac88d7421cff0.tar.gz
Qt-5f6018564668d368f75e431c4cdac88d7421cff0.tar.bz2
Fix handling of SSL certificates with wildcard domain names
Merge-request: 731 Task-number: QTBUG-4455 Reviewed-by: Peter Hartmann
Diffstat (limited to 'tests/auto/qsslsocket')
-rw-r--r--tests/auto/qsslsocket/tst_qsslsocket.cpp24
1 files changed, 24 insertions, 0 deletions
diff --git a/tests/auto/qsslsocket/tst_qsslsocket.cpp b/tests/auto/qsslsocket/tst_qsslsocket.cpp
index 0cf638b..0c12974 100644
--- a/tests/auto/qsslsocket/tst_qsslsocket.cpp
+++ b/tests/auto/qsslsocket/tst_qsslsocket.cpp
@@ -55,6 +55,7 @@
#include <QAuthenticator>
#include "private/qhostinfo_p.h"
+#include "private/qsslsocket_openssl_p.h"
#include "../network-settings.h"
@@ -163,6 +164,7 @@ private slots:
void setDefaultCiphers();
void supportedCiphers();
void systemCaCertificates();
+ void wildcardCertificateNames();
void wildcard();
void setEmptyKey();
void spontaneousWrite();
@@ -1063,6 +1065,28 @@ void tst_QSslSocket::systemCaCertificates()
QCOMPARE(certs, QSslSocket::defaultCaCertificates());
}
+void tst_QSslSocket::wildcardCertificateNames()
+{
+ // Passing CN matches
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("www.example.com"), QString("www.example.com")), true );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example.com"), QString("www.example.com")), true );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("xxx*.example.com"), QString("xxxwww.example.com")), true );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("f*.example.com"), QString("foo.example.com")), true );
+
+ // Failing CN matches
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("xxx.example.com"), QString("www.example.com")), false );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*"), QString("www.example.com")), false );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.*.com"), QString("www.example.com")), false );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example.com"), QString("baa.foo.example.com")), false );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("f*.example.com"), QString("baa.example.com")), false );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.com"), QString("example.com")), false );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*fail.com"), QString("example.com")), false );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example."), QString("www.example.")), false );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example."), QString("www.example")), false );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString(""), QString("www")), false );
+ QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*"), QString("www")), false );
+}
+
void tst_QSslSocket::wildcard()
{
QSKIP("TODO: solve wildcard problem", SkipAll);