source-git / gnutls

Clone
Source Code
GIT

Blame tests/hostname-check-utf8.c

c8 c8s master
  1.   b97e568fddb0c347c225fc68303960b41a24f19f
  2.   tests
  3.   hostname-check-utf8.c
Blob History Raw
Packit Service 4684c1 
/*
Packit Service 4684c1 
 * Copyright (C) 2016-2017 Red Hat, Inc.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Author: Nikos Mavrogiannopoulos
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This file is part of GnuTLS.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * GnuTLS is free software; you can redistribute it and/or modify it
Packit Service 4684c1 
 * under the terms of the GNU General Public License as published by
Packit Service 4684c1 
 * the Free Software Foundation; either version 3 of the License, or
Packit Service 4684c1 
 * (at your option) any later version.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * GnuTLS is distributed in the hope that it will be useful, but
Packit Service 4684c1 
 * WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 4684c1 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Packit Service 4684c1 
 * General Public License for more details.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * You should have received a copy of the GNU General Public License
Packit Service 4684c1 
 * along with GnuTLS; if not, write to the Free Software Foundation,
Packit Service 4684c1 
 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
Packit Service 4684c1 
 */
Packit Service 4684c1
Packit Service 4684c1 
#ifdef HAVE_CONFIG_H
Packit Service 4684c1 
#include <config.h>
Packit Service 4684c1 
#endif
Packit Service 4684c1
Packit Service 4684c1 
#include <stdlib.h>
Packit Service 4684c1 
#include <string.h>
Packit Service 4684c1 
#include <gnutls/gnutls.h>
Packit Service 4684c1 
#include <gnutls/x509.h>
Packit Service 4684c1
Packit Service 4684c1 
#if defined(HAVE_LIBIDN2)
Packit Service 4684c1 
/* to obtain version */
Packit Service 4684c1 
#include <idn2.h>
Packit Service 4684c1 
#endif
Packit Service 4684c1
Packit Service 4684c1 
#include "utils.h"
Packit Service 4684c1
Packit Service 4684c1 
/*
Packit Service 4684c1 
  A self-test of the RFC 2818 hostname matching algorithm for UTF-8
Packit Service 4684c1 
  certificates.
Packit Service 4684c1 
*/
Packit Service 4684c1
Packit Service 4684c1 
char pem_inv_utf8_dns[] = "\n"
Packit Service 4684c1 
	"	Subject Alternative Name (not critical):\n"
Packit Service 4684c1 
	"			DNSname: γγγ.τόστ.gr\n"
Packit Service 4684c1 
	"			DNSname: τέστ.gr\n"
Packit Service 4684c1 
	"			DNSname: *.teχ.gr\n"
Packit Service 4684c1 
	"-----BEGIN CERTIFICATE-----\n"
Packit Service 4684c1 
	"MIIDWzCCAkOgAwIBAgIMU/SjEDp2nsS3kX9vMA0GCSqGSIb3DQEBCwUAMA8xDTAL\n"
Packit Service 4684c1 
	"BgNVBAMTBENBLTAwIhgPMjAxNDA4MjAxMzMwNTZaGA85OTk5MTIzMTIzNTk1OVow\n"
Packit Service 4684c1 
	"EzERMA8GA1UEAxMIc2VydmVyLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
Packit Service 4684c1 
	"AoIBAQDggz41h9PcOjL7UOqx0FfZNtqoRhYQn6bVQqCehwERMDlR4QOqK3LRqE2B\n"
Packit Service 4684c1 
	"cYyVlcdS63tnNFjYCLCz3/CV4rcJBNI3hfFZHUza70iFQ72xMvcgFPyl7UmXqIne\n"
Packit Service 4684c1 
	"8swJ9jLMKou350ztPhshhXORqKxaDHBMcgD/Ade3Yxo2N1smsyINK+riged7A4QD\n"
Packit Service 4684c1 
	"O9IgR9eERQbFrHGz+WgUUgoLFLF4DN1ANpWuZcOV1f9bRB8ADPyKo1yZY1sJj1gE\n"
Packit Service 4684c1 
	"JRRsiOZLSLZ9D/1MLM7BXPuxWmWlJAGfNvrcXX/7FHe6QxC5gi1C6ZUEIZCne+Is\n"
Packit Service 4684c1 
	"HpDNoz/A9vDn6iXZJBFXKyijNpVfAgMBAAGjga4wgaswDAYDVR0TAQH/BAIwADA1\n"
Packit Service 4684c1 
	"BgNVHREELjAsghLOs86zzrMuz4TPjM+Dz4QuZ3KCC8+Ezq3Pg8+ELmdyggkqLnRl\n"
Packit Service 4684c1 
	"z4cuZ3IwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNV\n"
Packit Service 4684c1 
	"HQ4EFgQUvjD8gT+By/Xj/n+SGCVvL/KVElMwHwYDVR0jBBgwFoAUhU7w94kERpAh\n"
Packit Service 4684c1 
	"6DEIh3nEVJnwSaUwDQYJKoZIhvcNAQELBQADggEBAIKuSREAd6ZdcS+slbx+hvew\n"
Packit Service 4684c1 
	"IRBz5QGlCCjR4Oj5arIwFGnh0GdvAgzPa3qn6ReG1gvpe8k3X6Z2Yevw+DubLZNG\n"
Packit Service 4684c1 
	"9CsfLfDIg2wUm05cuQdQG+gTSBVqw56jWf/JFXXwzhnbjX3c2QtepFsvkOnlWGFE\n"
Packit Service 4684c1 
	"uVX6AiPfiNChVxnb4e1xpxOt6W/su19ar5J7rdDrdyVVm/ioSKvXhbBXI4f8NF2x\n"
Packit Service 4684c1 
	"wTEzbtl99HyjbLIRRCWpUU277khHLr8SSFqdSr100zIkdiB72LfPXAHVld1onV2z\n"
Packit Service 4684c1 
	"PPFYVMsnY+fuxIsTVErX3bLj6v67Bs3BNzagFUlyJl5rBGwn73UafNWz3BYDyxY=\n"
Packit Service 4684c1 
	"-----END CERTIFICATE-----\n";
Packit Service 4684c1
Packit Service 4684c1 
char pem_utf8_dns[] =
Packit Service 4684c1 
	"Subject Alternative Name (not critical):\n"
Packit Service 4684c1 
	"		DNSname: xn--oxaaa.xn--4xabb4a.gr (γγγ.τόστ.gr)\n"
Packit Service 4684c1 
	"		DNSname: xn--ixa8bbc.gr (τέστ.gr)\n"
Packit Service 4684c1 
	"		DNSname: *.xn--te-8bc.gr (*.teχ.gr)\n"
Packit Service 4684c1 
	"\n"
Packit Service 4684c1 
	"-----BEGIN CERTIFICATE-----\n"
Packit Service 4684c1 
	"MIIEFTCCAn2gAwIBAgIMWElZgiWN43F5pluiMA0GCSqGSIb3DQEBCwUAMA0xCzAJ\n"
Packit Service 4684c1 
	"BgNVBAYTAkdSMB4XDTA0MDIyOTE1MjE0MloXDTI0MDIyOTE1MjE0MVowDTELMAkG\n"
Packit Service 4684c1 
	"A1UEBhMCR1IwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC23cZ4hvts\n"
Packit Service 4684c1 
	"D/zjXmX70ewCWpFaOXXhSiB1U4ogVsIYPh0o3eJ3w2vr8k7f8CHZXT9T64g9UYoH\n"
Packit Service 4684c1 
	"PM+vPkcT6RnwHNfe6SpSqTtPCNC9UQyp4wVq+HxnQsxOrmf2bClYn6CGaXQvDNiG\n"
Packit Service 4684c1 
	"KQCDGoxLZx+d12dYUxL4l07J3rogk7Wqe9znkpC+9UqyDJIAZgF9e4H190sRY0FM\n"
Packit Service 4684c1 
	"zrOkDDDmt/vBlu0SPhP0sktUJDjvOtHY/V2IDp0y9tImxnFhdl5k4kAEiPiph72C\n"
Packit Service 4684c1 
	"QjSRf/Kb5siUcgRxmTvN9GgWNPg3EtmyynMjIlnzicO1p6Wju80hAuVhYKOI3aq6\n"
Packit Service 4684c1 
	"FAUHY0DQkkna7dcmKwJdUo9jzMWBV+B+eOT69rDKcAvQJz5PfrrnE9SJ4/eteam7\n"
Packit Service 4684c1 
	"l4BcIZIKSuaZz48ymh6exEpSY+P3SD05oZbeQVfgi4e7Ui81S63XRlPqLPCYp0+N\n"
Packit Service 4684c1 
	"q2nSeVedR59AtQhyGhQLgQneV0R17aym+1nJ8AjsZXL7sfYef/OOxeMCAwEAAaN1\n"
Packit Service 4684c1 
	"MHMwDAYDVR0TAQH/BAIwADBEBgNVHREEPTA7ghh4bi0tb3hhYWEueG4tLTR4YWJi\n"
Packit Service 4684c1 
	"NGEuZ3KCDnhuLS1peGE4YmJjLmdygg8qLnhuLS10ZS04YmMuZ3IwHQYDVR0OBBYE\n"
Packit Service 4684c1 
	"FPmohhljtqQUE2B2DwGaNTbv8bSvMA0GCSqGSIb3DQEBCwUAA4IBgQAOAECgc096\n"
Packit Service 4684c1 
	"3WH7G83bRmVDooGATNP0v3cmYebVu3RL77/vlCO3UOS9lVxEwlF/6V1u3OqEqwUy\n"
Packit Service 4684c1 
	"EzGInEAmqR/VIoubIVrFqzaMMjfCHdKPuyWeCb3ylp0o2lxRKbC9m/Bu8Iv5rZdN\n"
Packit Service 4684c1 
	"fTZVyJbp1Ddw4GhM0UZ/IK3h8J8UtarSijhha0UX9EwQo4wi1NRpc2nxRGy7xUHG\n"
Packit Service 4684c1 
	"GqUCFBe6cgKBEBRWh3Gha5UgwqkapA9eGGmb7CRzOHZA0raIcxwb2w2Htf7ziE1G\n"
Packit Service 4684c1 
	"UBdo0ZtpVYq/EDggP4XIvqHb8bJVFuOiu2xf71JoPgjg4+1CEj+vgkI4j/RGDjZ/\n"
Packit Service 4684c1 
	"bQ66XHY2EbCjhSLoCGpY924frilrFL3cMofdMguxtsONwUotYmCF6VI/EtELvIdf\n"
Packit Service 4684c1 
	"NbdaPqI2524oBDlD98DTJa5mGoaFUyJGotcK3e9fniIxbVW8/Ykwhqbj+9wKjYEP\n"
Packit Service 4684c1 
	"ywY/9UOj+wjwULkIxK9g91yGLRDAO/6xzCF5ly5i4oXBqKLAKZ7vBTU=\n"
Packit Service 4684c1 
	"-----END CERTIFICATE-----\n";
Packit Service 4684c1
Packit Service 4684c1 
void doit(void)
Packit Service 4684c1 
{
Packit Service 4684c1 
	gnutls_x509_crt_t x509;
Packit Service 4684c1 
	gnutls_datum_t data;
Packit Service 4684c1 
	int ret;
Packit Service 4684c1
Packit Service 4684c1 
#if !defined(HAVE_LIBIDN2)
Packit Service 4684c1 
	exit(77);
Packit Service 4684c1 
#endif
Packit Service 4684c1
Packit Service 4684c1 
	ret = global_init();
Packit Service 4684c1 
	if (ret < 0)
Packit Service 4684c1 
		fail("global_init: %d\n", ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_init(&x509);
Packit Service 4684c1 
	if (ret < 0)
Packit Service 4684c1 
		fail("gnutls_x509_crt_init: %d\n", ret);
Packit Service 4684c1
Packit Service 4684c1 
	if (debug)
Packit Service 4684c1 
		success("Testing pem_invalid_utf8_dns...\n");
Packit Service 4684c1 
	data.data = (unsigned char *) pem_inv_utf8_dns;
Packit Service 4684c1 
	data.size = strlen(pem_inv_utf8_dns);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_import(x509, &data, GNUTLS_X509_FMT_PEM);
Packit Service 4684c1 
	if (ret < 0)
Packit Service 4684c1 
		fail("%d: gnutls_x509_crt_import: %d\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "example.com");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "τεστ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "τoστ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "γαβ.τόστ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "www.in.teχ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "www.teχ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Invalid hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
#if IDN2_VERSION_NUMBER >= 0x00160000
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "γΓγ.τόΣτ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "ΤΈΣΤ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1 
#endif
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "γγγ.τόστ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Invalid hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "γΓγ.τόΣτ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Invalid hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "τέστ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Invalid hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "ΤΈΣΤ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Invalid hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1 
	if (debug)
Packit Service 4684c1 
		success("Testing pem_utf8_dns...\n");
Packit Service 4684c1 
	data.data = (unsigned char *) pem_utf8_dns;
Packit Service 4684c1 
	data.size = strlen(pem_utf8_dns);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_import(x509, &data, GNUTLS_X509_FMT_PEM);
Packit Service 4684c1 
	if (ret < 0)
Packit Service 4684c1 
		fail("%d: gnutls_x509_crt_import: %d\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "example.com");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "τεστ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "τoστ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "γαβ.τόστ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "www.in.teχ.gr");
Packit Service 4684c1 
	if (ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "www.teχ.gr");
Packit Service 4684c1 
	if (!ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly does not match (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "γγγ.τόστ.gr");
Packit Service 4684c1 
	if (!ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly does not match (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "τέστ.gr");
Packit Service 4684c1 
	if (!ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly does not match (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
#if IDN2_VERSION_NUMBER >= 0x00160000
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "γΓγ.τόΣτ.gr");
Packit Service 4684c1 
	if (!ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly does not match (%d)\n", __LINE__, ret);
Packit Service 4684c1
Packit Service 4684c1 
	ret = gnutls_x509_crt_check_hostname(x509, "ΤΈΣΤ.gr");
Packit Service 4684c1 
	if (!ret)
Packit Service 4684c1 
		fail("%d: Hostname incorrectly does not match (%d)\n", __LINE__, ret);
Packit Service 4684c1 
#endif
Packit Service 4684c1
Packit Service 4684c1 
	gnutls_x509_crt_deinit(x509);
Packit Service 4684c1
Packit Service 4684c1 
	gnutls_global_deinit();
Packit Service 4684c1 
}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation