diff options
| author | Richard J. Moore <rich@kde.org> | 2010-06-06 21:10:08 (GMT) |
|---|---|---|
| committer | Jason McDonald <jason.mcdonald@nokia.com> | 2010-07-16 07:05:10 (GMT) |
| commit | 5842c00976e70d190f5604ee06e839bbb9a9853a (patch) | |
| tree | 1352ca6749e10047e0e28c10f7468a70578d5e71 /tests/auto | |
| parent | c7c91f5a2aca4e46d1d2ec605e93861f94af5d82 (diff) | |
| download | Qt-5842c00976e70d190f5604ee06e839bbb9a9853a.zip Qt-5842c00976e70d190f5604ee06e839bbb9a9853a.tar.gz Qt-5842c00976e70d190f5604ee06e839bbb9a9853a.tar.bz2 | |
Fix handling of SSL certificates with wildcard domain names
Merge-request: 731
Task-number: QTBUG-4455
Reviewed-by: Peter Hartmann
(cherry picked from commit 5f6018564668d368f75e431c4cdac88d7421cff0)
Diffstat (limited to 'tests/auto')
| -rw-r--r-- | tests/auto/qsslsocket/tst_qsslsocket.cpp | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/tests/auto/qsslsocket/tst_qsslsocket.cpp b/tests/auto/qsslsocket/tst_qsslsocket.cpp index 0cf638b..0c12974 100644 --- a/tests/auto/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/qsslsocket/tst_qsslsocket.cpp @@ -55,6 +55,7 @@ #include <QAuthenticator> #include "private/qhostinfo_p.h" +#include "private/qsslsocket_openssl_p.h" #include "../network-settings.h" @@ -163,6 +164,7 @@ private slots: void setDefaultCiphers(); void supportedCiphers(); void systemCaCertificates(); + void wildcardCertificateNames(); void wildcard(); void setEmptyKey(); void spontaneousWrite(); @@ -1063,6 +1065,28 @@ void tst_QSslSocket::systemCaCertificates() QCOMPARE(certs, QSslSocket::defaultCaCertificates()); } +void tst_QSslSocket::wildcardCertificateNames() +{ + // Passing CN matches + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("www.example.com"), QString("www.example.com")), true ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example.com"), QString("www.example.com")), true ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("xxx*.example.com"), QString("xxxwww.example.com")), true ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("f*.example.com"), QString("foo.example.com")), true ); + + // Failing CN matches + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("xxx.example.com"), QString("www.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*"), QString("www.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.*.com"), QString("www.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example.com"), QString("baa.foo.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("f*.example.com"), QString("baa.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.com"), QString("example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*fail.com"), QString("example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example."), QString("www.example.")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example."), QString("www.example")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString(""), QString("www")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*"), QString("www")), false ); +} + void tst_QSslSocket::wildcard() { QSKIP("TODO: solve wildcard problem", SkipAll); |