OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/file_path.h" | 5 #include "base/file_path.h" |
6 #include "base/file_util.h" | 6 #include "base/file_util.h" |
7 #include "base/path_service.h" | 7 #include "base/path_service.h" |
8 #include "base/pickle.h" | 8 #include "base/pickle.h" |
9 #include "base/sha1.h" | 9 #include "base/sha1.h" |
10 #include "base/string_number_conversions.h" | 10 #include "base/string_number_conversions.h" |
(...skipping 1280 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1291 "*.foo.com,*.*.foo.com,*.*.bar.foo.com,*..bar.foo.com," }, | 1291 "*.foo.com,*.*.foo.com,*.*.bar.foo.com,*..bar.foo.com," }, |
1292 { false, "www.bath.org", "www.bath.org", "", "20.30.40.50" }, | 1292 { false, "www.bath.org", "www.bath.org", "", "20.30.40.50" }, |
1293 { false, "66.77.88.99", "www.bath.org", "www.bath.org" }, | 1293 { false, "66.77.88.99", "www.bath.org", "www.bath.org" }, |
1294 // IDN tests | 1294 // IDN tests |
1295 { true, "xn--poema-9qae5a.com.br", "xn--poema-9qae5a.com.br" }, | 1295 { true, "xn--poema-9qae5a.com.br", "xn--poema-9qae5a.com.br" }, |
1296 { true, "www.xn--poema-9qae5a.com.br", "*.xn--poema-9qae5a.com.br" }, | 1296 { true, "www.xn--poema-9qae5a.com.br", "*.xn--poema-9qae5a.com.br" }, |
1297 { false, "xn--poema-9qae5a.com.br", "", "*.xn--poema-9qae5a.com.br," | 1297 { false, "xn--poema-9qae5a.com.br", "", "*.xn--poema-9qae5a.com.br," |
1298 "xn--poema-*.com.br," | 1298 "xn--poema-*.com.br," |
1299 "xn--*-9qae5a.com.br," | 1299 "xn--*-9qae5a.com.br," |
1300 "*--poema-9qae5a.com.br" }, | 1300 "*--poema-9qae5a.com.br" }, |
1301 { true, "xn--poema-9qae5a.com.br", "*.com.br" }, | |
1302 // The following are adapted from the examples quoted from | 1301 // The following are adapted from the examples quoted from |
1303 // http://tools.ietf.org/html/rfc6125#section-6.4.3 | 1302 // http://tools.ietf.org/html/rfc6125#section-6.4.3 |
1304 // (e.g., *.example.com would match foo.example.com but | 1303 // (e.g., *.example.com would match foo.example.com but |
1305 // not bar.foo.example.com or example.com). | 1304 // not bar.foo.example.com or example.com). |
1306 { true, "foo.example.com", "*.example.com" }, | 1305 { true, "foo.example.com", "*.example.com" }, |
1307 { false, "bar.foo.example.com", "*.example.com" }, | 1306 { false, "bar.foo.example.com", "*.example.com" }, |
1308 { false, "example.com", "*.example.com" }, | 1307 { false, "example.com", "*.example.com" }, |
1309 // (e.g., baz*.example.net and *baz.example.net and b*z.example.net would | 1308 // (e.g., baz*.example.net and *baz.example.net and b*z.example.net would |
1310 // be taken to match baz1.example.net and foobaz.example.net and | 1309 // be taken to match baz1.example.net and foobaz.example.net and |
1311 // buzz.example.net, respectively | 1310 // buzz.example.net, respectively |
1312 { true, "baz1.example.net", "baz*.example.net" }, | 1311 { true, "baz1.example.net", "baz*.example.net" }, |
1313 { true, "foobaz.example.net", "*baz.example.net" }, | 1312 { true, "foobaz.example.net", "*baz.example.net" }, |
1314 { true, "buzz.example.net", "b*z.example.net" }, | 1313 { true, "buzz.example.net", "b*z.example.net" }, |
1315 // Wildcards should not be valid unless there are at least three name | 1314 // Wildcards should not be valid for registry-controlled domains, and for |
1316 // components. | 1315 // unknown/unrecognized domains, at least three domain components must be |
1317 { true, "h.co.uk", "*.co.uk" }, | 1316 // present. |
| 1317 { true, "www.test.example", "*.test.example" }, |
| 1318 { true, "test.example.co.uk", "*.example.co.uk" }, |
| 1319 { false, "test.example", "*.example" }, |
| 1320 { false, "example.co.uk", "*.co.uk" }, |
1318 { false, "foo.com", "*.com" }, | 1321 { false, "foo.com", "*.com" }, |
1319 { false, "foo.us", "*.us" }, | 1322 { false, "foo.us", "*.us" }, |
1320 { false, "foo", "*" }, | 1323 { false, "foo", "*" }, |
| 1324 // IDN variants of wildcards and registry-controlled domains. |
| 1325 { true, "www.xn--poema-9qae5a.com.br", "*.xn--poema-9qae5a.com.br" }, |
| 1326 { true, "test.example.xn--mgbaam7a8h", "*.example.xn--mgbaam7a8h" }, |
| 1327 { false, "xn--poema-9qae5a.com.br", "*.com.br" }, |
| 1328 { false, "example.xn--mgbaam7a8h", "*.xn--mgbaam7a8h" }, |
1321 // Multiple wildcards are not valid. | 1329 // Multiple wildcards are not valid. |
1322 { false, "foo.example.com", "*.*.com" }, | 1330 { false, "foo.example.com", "*.*.com" }, |
1323 { false, "foo.bar.example.com", "*.bar.*.com" }, | 1331 { false, "foo.bar.example.com", "*.bar.*.com" }, |
1324 // Absolute vs relative DNS name tests. Although not explicitly specified | 1332 // Absolute vs relative DNS name tests. Although not explicitly specified |
1325 // in RFC 6125, absolute reference names (those ending in a .) should | 1333 // in RFC 6125, absolute reference names (those ending in a .) should |
1326 // match either absolute or relative presented names. | 1334 // match either absolute or relative presented names. |
1327 { true, "foo.com", "foo.com." }, | 1335 { true, "foo.com", "foo.com." }, |
1328 { true, "foo.com.", "foo.com" }, | 1336 { true, "foo.com.", "foo.com" }, |
1329 { true, "foo.com.", "foo.com." }, | 1337 { true, "foo.com.", "foo.com." }, |
1330 { true, "f", "f." }, | 1338 { true, "f", "f." }, |
1331 { true, "f.", "f" }, | 1339 { true, "f.", "f" }, |
1332 { true, "f.", "f." }, | 1340 { true, "f.", "f." }, |
1333 { true, "www-3.bar.foo.com", "*.bar.foo.com." }, | 1341 { true, "www-3.bar.foo.com", "*.bar.foo.com." }, |
1334 { true, "www-3.bar.foo.com.", "*.bar.foo.com" }, | 1342 { true, "www-3.bar.foo.com.", "*.bar.foo.com" }, |
1335 { true, "www-3.bar.foo.com.", "*.bar.foo.com." }, | 1343 { true, "www-3.bar.foo.com.", "*.bar.foo.com." }, |
1336 { false, ".", "." }, | 1344 { false, ".", "." }, |
1337 { false, "example.com", "*.com." }, | 1345 { false, "example.com", "*.com." }, |
1338 { false, "example.com.", "*.com" }, | 1346 { false, "example.com.", "*.com" }, |
1339 { false, "example.com.", "*.com." }, | 1347 { false, "example.com.", "*.com." }, |
1340 { false, "foo.", "*." }, | 1348 { false, "foo.", "*." }, |
| 1349 { false, "foo", "*." }, |
| 1350 { false, "foo.co.uk", "*.co.uk." }, |
| 1351 { false, "foo.co.uk.", "*.co.uk." }, |
1341 // IP addresses in common name; IPv4 only. | 1352 // IP addresses in common name; IPv4 only. |
1342 { true, "127.0.0.1", "127.0.0.1" }, | 1353 { true, "127.0.0.1", "127.0.0.1" }, |
1343 { true, "192.168.1.1", "192.168.1.1" }, | 1354 { true, "192.168.1.1", "192.168.1.1" }, |
1344 { true, "676768", "0.10.83.160" }, | 1355 { true, "676768", "0.10.83.160" }, |
1345 { true, "1.2.3", "1.2.0.3" }, | 1356 { true, "1.2.3", "1.2.0.3" }, |
1346 { false, "192.169.1.1", "192.168.1.1" }, | 1357 { false, "192.169.1.1", "192.168.1.1" }, |
1347 { false, "12.19.1.1", "12.19.1.1/255.255.255.0" }, | 1358 { false, "12.19.1.1", "12.19.1.1/255.255.255.0" }, |
1348 { false, "FEDC:ba98:7654:3210:FEDC:BA98:7654:3210", | 1359 { false, "FEDC:ba98:7654:3210:FEDC:BA98:7654:3210", |
1349 "FEDC:BA98:7654:3210:FEDC:ba98:7654:3210" }, | 1360 "FEDC:BA98:7654:3210:FEDC:ba98:7654:3210" }, |
1350 { false, "1111:2222:3333:4444:5555:6666:7777:8888", | 1361 { false, "1111:2222:3333:4444:5555:6666:7777:8888", |
(...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1436 } | 1447 } |
1437 | 1448 |
1438 EXPECT_EQ(test_data.expected, X509Certificate::VerifyHostname( | 1449 EXPECT_EQ(test_data.expected, X509Certificate::VerifyHostname( |
1439 test_data.hostname, common_name, dns_names, ip_addressses)); | 1450 test_data.hostname, common_name, dns_names, ip_addressses)); |
1440 } | 1451 } |
1441 | 1452 |
1442 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest, | 1453 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest, |
1443 testing::ValuesIn(kNameVerifyTestData)); | 1454 testing::ValuesIn(kNameVerifyTestData)); |
1444 | 1455 |
1445 } // namespace net | 1456 } // namespace net |
OLD | NEW |