diff options
Diffstat (limited to 'src/crypto/x509v3/v3name_test.cc')
-rw-r--r-- | src/crypto/x509v3/v3name_test.cc | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/src/crypto/x509v3/v3name_test.cc b/src/crypto/x509v3/v3name_test.cc index 0736120f..2dcdd87c 100644 --- a/src/crypto/x509v3/v3name_test.cc +++ b/src/crypto/x509v3/v3name_test.cc @@ -65,6 +65,7 @@ #include <openssl/x509v3.h> #include "../internal.h" +#include "internal.h" static const char *const names[] = { @@ -344,7 +345,7 @@ static void run_cert(X509 *crt, const char *nameincert, ret = X509_check_host(crt, name, namelen, 0, NULL); match = -1; if (ret < 0) { - fprintf(stderr, "internal error in X509_check_host"); + fprintf(stderr, "internal error in X509_check_host\n"); ++errors; } else if (fn->host) { if (ret == 1 && !samename) @@ -359,7 +360,7 @@ static void run_cert(X509 *crt, const char *nameincert, X509_CHECK_FLAG_NO_WILDCARDS, NULL); match = -1; if (ret < 0) { - fprintf(stderr, "internal error in X509_check_host"); + fprintf(stderr, "internal error in X509_check_host\n"); ++errors; } else if (fn->host) { if (ret == 1 && !samename) @@ -385,12 +386,21 @@ static void run_cert(X509 *crt, const char *nameincert, } } -// TOOD(davidben): Convert this test to GTest more thoroughly. +// TODO(davidben): Convert this test to GTest more thoroughly. TEST(X509V3Test, NameTest) { const struct set_name_fn *pfn = name_fns; while (pfn->name) { const char *const *pname = names; while (*pname) { + // The common name fallback requires the name look sufficiently + // DNS-like. + if (strcmp(pfn->name, "set CN") == 0 && + !x509v3_looks_like_dns_name( + reinterpret_cast<const unsigned char*>(*pname), + strlen(*pname))) { + ++pname; + continue; + } bssl::UniquePtr<X509> crt(make_cert()); ASSERT_TRUE(crt); ASSERT_TRUE(pfn->fn(crt.get(), *pname)); |