diff options
| author | Richard J. Moore <rich@kde.org> | 2010-06-06 21:10:08 (GMT) |
|---|---|---|
| committer | Samuli Piippo <samuli.piippo@digia.com> | 2011-06-09 10:07:14 (GMT) |
| commit | efd076454343c3e02ce2c54f1605dba2a375a2b9 (patch) | |
| tree | 4af4515bde886a3a44cd348c643b40871ef074fc /tests | |
| parent | 352bdb7a648c2e37612a9640df52ac9ad5429255 (diff) | |
| download | Qt-efd076454343c3e02ce2c54f1605dba2a375a2b9.zip Qt-efd076454343c3e02ce2c54f1605dba2a375a2b9.tar.gz Qt-efd076454343c3e02ce2c54f1605dba2a375a2b9.tar.bz2 | |
Fix handling of SSL certificates with wildcard domain names
Merge-request: 731
Task-number: QTBUG-4455
Reviewed-by: Peter Hartmann
(cherry picked from commit 5f6018564668d368f75e431c4cdac88d7421cff0)
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/auto/qsslsocket/tst_qsslsocket.cpp | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/tests/auto/qsslsocket/tst_qsslsocket.cpp b/tests/auto/qsslsocket/tst_qsslsocket.cpp index 6ae4b10..7b63795 100644 --- a/tests/auto/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/qsslsocket/tst_qsslsocket.cpp @@ -55,6 +55,7 @@ #include <QAuthenticator> #include "private/qhostinfo_p.h" +#include "private/qsslsocket_openssl_p.h" #include "../network-settings.h" @@ -163,6 +164,7 @@ private slots: void setDefaultCiphers(); void supportedCiphers(); void systemCaCertificates(); + void wildcardCertificateNames(); void wildcard(); void setEmptyKey(); void spontaneousWrite(); @@ -1049,6 +1051,28 @@ void tst_QSslSocket::systemCaCertificates() QCOMPARE(certs, QSslSocket::defaultCaCertificates()); } +void tst_QSslSocket::wildcardCertificateNames() +{ + // Passing CN matches + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("www.example.com"), QString("www.example.com")), true ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example.com"), QString("www.example.com")), true ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("xxx*.example.com"), QString("xxxwww.example.com")), true ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("f*.example.com"), QString("foo.example.com")), true ); + + // Failing CN matches + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("xxx.example.com"), QString("www.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*"), QString("www.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.*.com"), QString("www.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example.com"), QString("baa.foo.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("f*.example.com"), QString("baa.example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.com"), QString("example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*fail.com"), QString("example.com")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example."), QString("www.example.")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*.example."), QString("www.example")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString(""), QString("www")), false ); + QCOMPARE( QSslSocketBackendPrivate::isMatchingHostname(QString("*"), QString("www")), false ); +} + void tst_QSslSocket::wildcard() { QSKIP("TODO: solve wildcard problem", SkipAll); |