proxmox-mirrors/libgit2
1
0
Fork 0
mirror of https://git.proxmox.com/git/libgit2 synced 2025-05-09 18:22:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

netops: unit-test the cert host-name pattern matching

Browse Source 
This kind of stuff should have unit tests, even if it's just to show
what we expect to match successfully.
This commit is contained in:
Carlos Martín Nieto 2014-04-26 13:51:14 +02:00
parent 4f9d54146d
commit 1f0d4f3d8d
3 changed files with 30 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/netops.c
View File

@ -207,7 +207,7 @@ static int gitno_ssl_teardown(gitno_ssl *ssl)
}
/* Match host names according to RFC 2818 rules */
static int match_host(const char *pattern, const char *host)
int gitno__match_host(const char *pattern, const char *host)
{
for (;;) {
char c = tolower(*pattern++);
@ -230,9 +230,9 @@ static int match_host(const char *pattern, const char *host)
while(*host) {
char h = tolower(*host);
if (c == h)
return match_host(pattern, host++);
return gitno__match_host(pattern, host++);
if (h == '.')
return match_host(pattern, host);
return gitno__match_host(pattern, host);
host++;
}
return -1;
@ -250,7 +250,7 @@ static int check_host_name(const char *name, const char *host)
if (!strcasecmp(name, host))
return 0;
if (match_host(name, host) < 0)
if (gitno__match_host(name, host) < 0)
return -1;
return 0;

13
src/netops.h
View File

@ -54,6 +54,19 @@ enum {
GITNO_CONNECT_SSL_NO_CHECK_CERT = 2,
};
/**
* Check if the name in a cert matches the wanted hostname
*
* Check if a pattern from a certificate matches the hostname we
* wanted to connect to according to RFC2818 rules (which specifies
* HTTP over TLS). Mainly, an asterisk matches anything, but is
* limited to a single url component.
*
* Note that this does not set an error message. It expects the user
* to provide the message for the user.
*/
int gitno__match_host(const char *pattern, const char *host);
void gitno_buffer_setup(gitno_socket *t, gitno_buffer *buf, char *data, size_t len);
void gitno_buffer_setup_callback(gitno_socket *t, gitno_buffer *buf, char *data, size_t len, int (*recv)(gitno_buffer *buf), void *cb_data);
int gitno_recv(gitno_buffer *buf);

13
tests/network/matchhost.c Normal file
View File

@ -0,0 +1,13 @@
#include "clar_libgit2.h"
#include "netops.h"
void test_network_matchhost__match(void)
{
cl_git_pass(gitno__match_host("*.example.org", "www.example.org"));
cl_git_pass(gitno__match_host("*.foo.example.org", "www.foo.example.org"));
cl_git_fail(gitno__match_host("*.foo.example.org", "foo.example.org"));
cl_git_fail(gitno__match_host("*.foo.example.org", "www.example.org"));
cl_git_fail(gitno__match_host("*.example.org", "example.org"));
cl_git_fail(gitno__match_host("*.example.org", "www.foo.example.org"));
cl_git_fail(gitno__match_host("*.example.org", "blah.www.www.example.org"));
}