curl/tests/unit/unit1397.c

/***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at https://curl.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 * SPDX-License-Identifier: curl
 *
 ***************************************************************************/
#include "curlcheck.h"

#include "vtls/hostcheck.h" /* from the lib dir */

static CURLcode unit_setup(void)
{
  return CURLE_OK;
}

static void unit_stop(void)
{
  /* done before shutting down and exiting */
}

UNITTEST_START

/* only these backends define the tested functions */
#if defined(USE_OPENSSL) || defined(USE_GSKIT)

  /* here you start doing things and checking that the results are good */

fail_unless(Curl_cert_hostcheck(STRCONST("www.example.com"),
                                STRCONST("www.example.com")), "good 1");
fail_unless(Curl_cert_hostcheck(STRCONST("*.example.com"),
                                STRCONST("www.example.com")),
            "good 2");
fail_unless(Curl_cert_hostcheck(STRCONST("xxx*.example.com"),
                                STRCONST("xxxwww.example.com")), "good 3");
fail_unless(Curl_cert_hostcheck(STRCONST("f*.example.com"),
                                STRCONST("foo.example.com")), "good 4");
fail_unless(Curl_cert_hostcheck(STRCONST("192.168.0.0"),
                                STRCONST("192.168.0.0")), "good 5");

fail_if(Curl_cert_hostcheck(STRCONST("xxx.example.com"),
                            STRCONST("www.example.com")), "bad 1");
fail_if(Curl_cert_hostcheck(STRCONST("*"),
                            STRCONST("www.example.com")),"bad 2");
fail_if(Curl_cert_hostcheck(STRCONST("*.*.com"),
                            STRCONST("www.example.com")), "bad 3");
fail_if(Curl_cert_hostcheck(STRCONST("*.example.com"),
                            STRCONST("baa.foo.example.com")), "bad 4");
fail_if(Curl_cert_hostcheck(STRCONST("f*.example.com"),
                            STRCONST("baa.example.com")), "bad 5");
fail_if(Curl_cert_hostcheck(STRCONST("*.com"),
                            STRCONST("example.com")), "bad 6");
fail_if(Curl_cert_hostcheck(STRCONST("*fail.com"),
                            STRCONST("example.com")), "bad 7");
fail_if(Curl_cert_hostcheck(STRCONST("*.example."),
                            STRCONST("www.example.")), "bad 8");
fail_if(Curl_cert_hostcheck(STRCONST("*.example."),
                            STRCONST("www.example")), "bad 9");
fail_if(Curl_cert_hostcheck(STRCONST(""), STRCONST("www")), "bad 10");
fail_if(Curl_cert_hostcheck(STRCONST("*"), STRCONST("www")), "bad 11");
fail_if(Curl_cert_hostcheck(STRCONST("*.168.0.0"),
                            STRCONST("192.168.0.0")), "bad 12");
fail_if(Curl_cert_hostcheck(STRCONST("www.example.com"),
                            STRCONST("192.168.0.0")), "bad 13");

#ifdef ENABLE_IPV6
fail_if(Curl_cert_hostcheck(STRCONST("*::3285:a9ff:fe46:b619"),
                            STRCONST("fe80::3285:a9ff:fe46:b619")), "bad 14");
fail_unless(Curl_cert_hostcheck(STRCONST("fe80::3285:a9ff:fe46:b619"),
                                STRCONST("fe80::3285:a9ff:fe46:b619")),
            "good 6");
#endif

#endif

  /* you end the test code like this: */

UNITTEST_STOP
unit: make unit test source code checksrc compliant 2016-04-03 22:21:10 +08:00			`/***************************************************************************`
			`* _ _ ____ _`
			`* Project ___\| \| \| \| _ \\| \|`
			`* / __\| \| \| \| \|_) \| \|`
			`* \| (__\| \|_\| \| _ <\| \|___`
			`* \___\|\___/\|_\| \_\_____\|`
			`*`
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205 2023-01-02 20:51:48 +08:00			`* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.`
unit: make unit test source code checksrc compliant 2016-04-03 22:21:10 +08:00			`*`
			`* This software is licensed as described in the file COPYING, which`
			`* you should have received as part of this distribution. The terms`
curl.se: new home Closes #6172 2020-11-04 21:02:01 +08:00			`* are also available at https://curl.se/docs/copyright.html.`
unit: make unit test source code checksrc compliant 2016-04-03 22:21:10 +08:00			`*`
			`* You may opt to use, copy, modify, merge, publish, distribute and/or sell`
			`* copies of the Software, and permit persons to whom the Software is`
			`* furnished to do so, under the terms of the COPYING file.`
			`*`
			`* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY`
			`* KIND, either express or implied.`
			`*`
			`* SPDX-License-Identifier: curl`
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869 2022-05-17 17:16:50 +08:00			`*`
unit: make unit test source code checksrc compliant 2016-04-03 22:21:10 +08:00			`***************************************************************************/`
test1397: unit test for certificate name wildcard handling 2014-02-22 23:52:58 +08:00			`#include "curlcheck.h"`

lib: move hostcheck and x509sn1 sources to vtls/ ... since they are used strictly by TLS code. Closes #8386 2022-02-04 17:44:02 +08:00			`#include "vtls/hostcheck.h" /* from the lib dir */`
test1397: unit test for certificate name wildcard handling 2014-02-22 23:52:58 +08:00
			`static CURLcode unit_setup(void)`
			`{`
			`return CURLE_OK;`
			`}`

code: style updates 2016-04-04 02:28:34 +08:00			`static void unit_stop(void)`
test1397: unit test for certificate name wildcard handling 2014-02-22 23:52:58 +08:00			`{`
			`/* done before shutting down and exiting */`
			`}`

			`UNITTEST_START`

test1397: Fixed compilation with some SSL backends The test is only valid when one of four SSL backends is in use, and must otherwise return success. 2014-03-27 05:06:44 +08:00			`/* only these backends define the tested functions */`
axtls: removed As has been outlined in the DEPRECATE.md document, the axTLS code has been disabled for 6 months and is hereby removed. Use a better supported TLS library! Assisted-by: Daniel Gustafsson Closes #3194 2018-10-30 17:00:00 +08:00			`#if defined(USE_OPENSSL) \|\| defined(USE_GSKIT)`
test1397: Fixed compilation with some SSL backends The test is only valid when one of four SSL backends is in use, and must otherwise return success. 2014-03-27 05:06:44 +08:00
test1397: unit test for certificate name wildcard handling 2014-02-22 23:52:58 +08:00			`/* here you start doing things and checking that the results are good */`

hostcheck: pass in pattern length too, to avoid a strlen call Removes one strlen() call per SAN name in a cert-check. Closes #8418 2022-02-10 00:27:09 +08:00			`fail_unless(Curl_cert_hostcheck(STRCONST("www.example.com"),`
hostcheck: reduce strlen calls on chained certificates Closes #8428 2022-02-11 04:04:52 +08:00			`STRCONST("www.example.com")), "good 1");`
			`fail_unless(Curl_cert_hostcheck(STRCONST("*.example.com"),`
			`STRCONST("www.example.com")),`
unit: make unit test source code checksrc compliant 2016-04-03 22:21:10 +08:00			`"good 2");`
hostcheck: pass in pattern length too, to avoid a strlen call Removes one strlen() call per SAN name in a cert-check. Closes #8418 2022-02-10 00:27:09 +08:00			`fail_unless(Curl_cert_hostcheck(STRCONST("xxx*.example.com"),`
hostcheck: reduce strlen calls on chained certificates Closes #8428 2022-02-11 04:04:52 +08:00			`STRCONST("xxxwww.example.com")), "good 3");`
			`fail_unless(Curl_cert_hostcheck(STRCONST("f*.example.com"),`
			`STRCONST("foo.example.com")), "good 4");`
			`fail_unless(Curl_cert_hostcheck(STRCONST("192.168.0.0"),`
			`STRCONST("192.168.0.0")), "good 5");`
unit: make unit test source code checksrc compliant 2016-04-03 22:21:10 +08:00
hostcheck: pass in pattern length too, to avoid a strlen call Removes one strlen() call per SAN name in a cert-check. Closes #8418 2022-02-10 00:27:09 +08:00			`fail_if(Curl_cert_hostcheck(STRCONST("xxx.example.com"),`
hostcheck: reduce strlen calls on chained certificates Closes #8428 2022-02-11 04:04:52 +08:00			`STRCONST("www.example.com")), "bad 1");`
			`fail_if(Curl_cert_hostcheck(STRCONST("*"),`
			`STRCONST("www.example.com")),"bad 2");`
			`fail_if(Curl_cert_hostcheck(STRCONST("..com"),`
			`STRCONST("www.example.com")), "bad 3");`
hostcheck: pass in pattern length too, to avoid a strlen call Removes one strlen() call per SAN name in a cert-check. Closes #8418 2022-02-10 00:27:09 +08:00			`fail_if(Curl_cert_hostcheck(STRCONST("*.example.com"),`
hostcheck: reduce strlen calls on chained certificates Closes #8428 2022-02-11 04:04:52 +08:00			`STRCONST("baa.foo.example.com")), "bad 4");`
hostcheck: pass in pattern length too, to avoid a strlen call Removes one strlen() call per SAN name in a cert-check. Closes #8418 2022-02-10 00:27:09 +08:00			`fail_if(Curl_cert_hostcheck(STRCONST("f*.example.com"),`
hostcheck: reduce strlen calls on chained certificates Closes #8428 2022-02-11 04:04:52 +08:00			`STRCONST("baa.example.com")), "bad 5");`
			`fail_if(Curl_cert_hostcheck(STRCONST("*.com"),`
			`STRCONST("example.com")), "bad 6");`
			`fail_if(Curl_cert_hostcheck(STRCONST("*fail.com"),`
			`STRCONST("example.com")), "bad 7");`
			`fail_if(Curl_cert_hostcheck(STRCONST("*.example."),`
			`STRCONST("www.example.")), "bad 8");`
			`fail_if(Curl_cert_hostcheck(STRCONST("*.example."),`
			`STRCONST("www.example")), "bad 9");`
			`fail_if(Curl_cert_hostcheck(STRCONST(""), STRCONST("www")), "bad 10");`
			`fail_if(Curl_cert_hostcheck(STRCONST("*"), STRCONST("www")), "bad 11");`
			`fail_if(Curl_cert_hostcheck(STRCONST("*.168.0.0"),`
			`STRCONST("192.168.0.0")), "bad 12");`
hostcheck: pass in pattern length too, to avoid a strlen call Removes one strlen() call per SAN name in a cert-check. Closes #8418 2022-02-10 00:27:09 +08:00			`fail_if(Curl_cert_hostcheck(STRCONST("www.example.com"),`
hostcheck: reduce strlen calls on chained certificates Closes #8428 2022-02-11 04:04:52 +08:00			`STRCONST("192.168.0.0")), "bad 13");`
test1397: unit test for certificate name wildcard handling 2014-02-22 23:52:58 +08:00
			`#ifdef ENABLE_IPV6`
hostcheck: pass in pattern length too, to avoid a strlen call Removes one strlen() call per SAN name in a cert-check. Closes #8418 2022-02-10 00:27:09 +08:00			`fail_if(Curl_cert_hostcheck(STRCONST("*::3285:a9ff:fe46:b619"),`
hostcheck: reduce strlen calls on chained certificates Closes #8428 2022-02-11 04:04:52 +08:00			`STRCONST("fe80::3285:a9ff:fe46:b619")), "bad 14");`
hostcheck: pass in pattern length too, to avoid a strlen call Removes one strlen() call per SAN name in a cert-check. Closes #8418 2022-02-10 00:27:09 +08:00			`fail_unless(Curl_cert_hostcheck(STRCONST("fe80::3285:a9ff:fe46:b619"),`
hostcheck: reduce strlen calls on chained certificates Closes #8428 2022-02-11 04:04:52 +08:00			`STRCONST("fe80::3285:a9ff:fe46:b619")),`
			`"good 6");`
test1397: Fixed compilation with some SSL backends The test is only valid when one of four SSL backends is in use, and must otherwise return success. 2014-03-27 05:06:44 +08:00			`#endif`

test1397: unit test for certificate name wildcard handling 2014-02-22 23:52:58 +08:00			`#endif`

			`/* you end the test code like this: */`

			`UNITTEST_STOP`