Swiftdiff options
| author | Tim Costen <tim.costen@isode.com> | 2019-11-05 13:37:28 (GMT) |
|---|---|---|
| committer | Tim Costen <tim.costen@isode.com> | 2019-11-05 13:45:29 (GMT) |
| commit | 959a42d21fd70ea002da9afa7482194e8b6097e1 (patch) | |
| tree | cae4a070453d1e3827a3a1e4812bedfe88fd110a /Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp | |
| parent | 8baf0e407b3b4914654a6036a16ac81b7a2e7414 (diff) | |
| download | swift-959a42d21fd70ea002da9afa7482194e8b6097e1.zip swift-959a42d21fd70ea002da9afa7482194e8b6097e1.tar.bz2 | |
Handle xmpp-server SRV records
Update ServerIdentityVerifier with new boolean parameter
(defaulting to false) to its constructor. Use this to determine
whether to check for SRV records which start with "_xmpp-client."
(the default, for backwards compatibility), or "_xmpp-server.".
JIRA: SWIFT-424
Bug:
Release-notes:
Manual:
Test-information:
Added a couple of new unit tests to check operation when this parameter
is set true. All ServerIdentityVerifier unit tests run as before.
Change-Id: Icb1fee31b436292cd6b5e61bc86482d700e40332
Diffstat (limited to 'Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp')
| -rw-r--r-- | Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp b/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp index 30fe423..7379b69 100644 --- a/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp +++ b/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp | |||
| @@ -35,6 +35,8 @@ class ServerIdentityVerifierTest : public CppUnit::TestFixture { | |||
| 35 | CPPUNIT_TEST(testCertificateVerifies_WithMatchingInternationalXmppAddr); | 35 | CPPUNIT_TEST(testCertificateVerifies_WithMatchingInternationalXmppAddr); |
| 36 | CPPUNIT_TEST(testCertificateVerifies_WithMatchingCNWithoutSAN); | 36 | CPPUNIT_TEST(testCertificateVerifies_WithMatchingCNWithoutSAN); |
| 37 | CPPUNIT_TEST(testCertificateVerifies_WithMatchingCNWithSAN); | 37 | CPPUNIT_TEST(testCertificateVerifies_WithMatchingCNWithSAN); |
| 38 | CPPUNIT_TEST(testCertificateVerifies_WithMatchingSRVNameWithServerExpected); | ||
| 39 | CPPUNIT_TEST(testCertificateVerifies_WithMatchingSRVNameWithClientUnexpected); | ||
| 38 | CPPUNIT_TEST_SUITE_END(); | 40 | CPPUNIT_TEST_SUITE_END(); |
| 39 | 41 | ||
| 40 | public: | 42 | public: |
| @@ -131,6 +133,24 @@ class ServerIdentityVerifierTest : public CppUnit::TestFixture { | |||
| 131 | CPPUNIT_ASSERT(!testling.certificateVerifies(certificate)); | 133 | CPPUNIT_ASSERT(!testling.certificateVerifies(certificate)); |
| 132 | } | 134 | } |
| 133 | 135 | ||
| 136 | void testCertificateVerifies_WithMatchingSRVNameWithServerExpected() { | ||
| 137 | // Server-mode test which gets cert with "xmpp-server" SRV name | ||
| 138 | ServerIdentityVerifier testling(JID("foo@bar.com/baz"), idnConverter.get(), true); | ||
| 139 | SimpleCertificate::ref certificate(new SimpleCertificate()); | ||
| 140 | certificate->addSRVName("_xmpp-server.bar.com"); | ||
| 141 | |||
| 142 | CPPUNIT_ASSERT(testling.certificateVerifies(certificate)); | ||
| 143 | } | ||
| 144 | |||
| 145 | void testCertificateVerifies_WithMatchingSRVNameWithClientUnexpected() { | ||
| 146 | // Server-mode test which gets cert with "xmpp-client" SRV name | ||
| 147 | ServerIdentityVerifier testling(JID("foo@bar.com/baz"), idnConverter.get(), true); | ||
| 148 | SimpleCertificate::ref certificate(new SimpleCertificate()); | ||
| 149 | certificate->addSRVName("_xmpp-client.bar.com"); | ||
| 150 | |||
| 151 | CPPUNIT_ASSERT(!testling.certificateVerifies(certificate)); | ||
| 152 | } | ||
| 153 | |||
| 134 | void testCertificateVerifies_WithMatchingXmppAddr() { | 154 | void testCertificateVerifies_WithMatchingXmppAddr() { |
| 135 | ServerIdentityVerifier testling(JID("foo@bar.com/baz"), idnConverter.get()); | 155 | ServerIdentityVerifier testling(JID("foo@bar.com/baz"), idnConverter.get()); |
| 136 | SimpleCertificate::ref certificate(new SimpleCertificate()); | 156 | SimpleCertificate::ref certificate(new SimpleCertificate()); |