summaryrefslogtreecommitdiff
path: root/src/crypto/x509v3/v3name_test.cc
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto/x509v3/v3name_test.cc')
-rw-r--r--src/crypto/x509v3/v3name_test.cc16
1 files changed, 13 insertions, 3 deletions
diff --git a/src/crypto/x509v3/v3name_test.cc b/src/crypto/x509v3/v3name_test.cc
index 0736120f..2dcdd87c 100644
--- a/src/crypto/x509v3/v3name_test.cc
+++ b/src/crypto/x509v3/v3name_test.cc
@@ -65,6 +65,7 @@
#include <openssl/x509v3.h>
#include "../internal.h"
+#include "internal.h"
static const char *const names[] = {
@@ -344,7 +345,7 @@ static void run_cert(X509 *crt, const char *nameincert,
ret = X509_check_host(crt, name, namelen, 0, NULL);
match = -1;
if (ret < 0) {
- fprintf(stderr, "internal error in X509_check_host");
+ fprintf(stderr, "internal error in X509_check_host\n");
++errors;
} else if (fn->host) {
if (ret == 1 && !samename)
@@ -359,7 +360,7 @@ static void run_cert(X509 *crt, const char *nameincert,
X509_CHECK_FLAG_NO_WILDCARDS, NULL);
match = -1;
if (ret < 0) {
- fprintf(stderr, "internal error in X509_check_host");
+ fprintf(stderr, "internal error in X509_check_host\n");
++errors;
} else if (fn->host) {
if (ret == 1 && !samename)
@@ -385,12 +386,21 @@ static void run_cert(X509 *crt, const char *nameincert,
}
}
-// TOOD(davidben): Convert this test to GTest more thoroughly.
+// TODO(davidben): Convert this test to GTest more thoroughly.
TEST(X509V3Test, NameTest) {
const struct set_name_fn *pfn = name_fns;
while (pfn->name) {
const char *const *pname = names;
while (*pname) {
+ // The common name fallback requires the name look sufficiently
+ // DNS-like.
+ if (strcmp(pfn->name, "set CN") == 0 &&
+ !x509v3_looks_like_dns_name(
+ reinterpret_cast<const unsigned char*>(*pname),
+ strlen(*pname))) {
+ ++pname;
+ continue;
+ }
bssl::UniquePtr<X509> crt(make_cert());
ASSERT_TRUE(crt);
ASSERT_TRUE(pfn->fn(crt.get(), *pname));
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-26 08:59:28 +0000