Swift
summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Swiften/TLS/ServerIdentityVerifier.cpp6
-rw-r--r--Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp32
2 files changed, 35 insertions, 3 deletions
diff --git a/Swiften/TLS/ServerIdentityVerifier.cpp b/Swiften/TLS/ServerIdentityVerifier.cpp
index da116e5..18ea2aa 100644
--- a/Swiften/TLS/ServerIdentityVerifier.cpp
+++ b/Swiften/TLS/ServerIdentityVerifier.cpp
@@ -82,15 +82,15 @@ bool ServerIdentityVerifier::matchesDomain(const std::string& s) const {
82 if (dotIndex != matchDomain.npos) { 82 if (dotIndex != matchDomain.npos) {
83 matchDomain = matchDomain.substr(dotIndex + 1, matchDomain.npos); 83 matchDomain = matchDomain.substr(dotIndex + 1, matchDomain.npos);
84 } 84 }
85 return matchString == matchDomain; 85 return boost::iequals(matchString, matchDomain);
86 } 86 }
87 else { 87 else {
88 return s == encodedDomain; 88 return boost::iequals(s, encodedDomain);
89 } 89 }
90} 90}
91 91
92bool ServerIdentityVerifier::matchesAddress(const std::string& s) const { 92bool ServerIdentityVerifier::matchesAddress(const std::string& s) const {
93 return s == domain; 93 return boost::iequals(s, domain);
94} 94}
95 95
96} 96}
diff --git a/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp b/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp
index 7379b69..47f3db2 100644
--- a/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp
+++ b/Swiften/TLS/UnitTest/ServerIdentityVerifierTest.cpp
@@ -60,6 +60,14 @@ class ServerIdentityVerifierTest : public CppUnit::TestFixture {
60 CPPUNIT_ASSERT(testling.certificateVerifies(certificate)); 60 CPPUNIT_ASSERT(testling.certificateVerifies(certificate));
61 } 61 }
62 62
63 void testCertificateVerifies_WithMatchingDNSNameMixedCase() {
64 ServerIdentityVerifier testling(JID("foo@baR.com/baz"), idnConverter.get());
65 SimpleCertificate::ref certificate(new SimpleCertificate());
66 certificate->addDNSName("Bar.com");
67
68 CPPUNIT_ASSERT(testling.certificateVerifies(certificate));
69 }
70
63 void testCertificateVerifies_WithSecondMatchingDNSName() { 71 void testCertificateVerifies_WithSecondMatchingDNSName() {
64 ServerIdentityVerifier testling(JID("foo@bar.com/baz"), idnConverter.get()); 72 ServerIdentityVerifier testling(JID("foo@bar.com/baz"), idnConverter.get());
65 SimpleCertificate::ref certificate(new SimpleCertificate()); 73 SimpleCertificate::ref certificate(new SimpleCertificate());
@@ -159,6 +167,14 @@ class ServerIdentityVerifierTest : public CppUnit::TestFixture {
159 CPPUNIT_ASSERT(testling.certificateVerifies(certificate)); 167 CPPUNIT_ASSERT(testling.certificateVerifies(certificate));
160 } 168 }
161 169
170 void testCertificateVerifies_WithMatchingXmppAddrMixedCase() {
171 ServerIdentityVerifier testling(JID("foo@baR.com/baz"), idnConverter.get());
172 SimpleCertificate::ref certificate(new SimpleCertificate());
173 certificate->addXMPPAddress("bAr.com");
174
175 CPPUNIT_ASSERT(testling.certificateVerifies(certificate));
176 }
177
162 void testCertificateVerifies_WithMatchingXmppAddrWithWildcard() { 178 void testCertificateVerifies_WithMatchingXmppAddrWithWildcard() {
163 ServerIdentityVerifier testling(JID("foo@im.bar.com/baz"), idnConverter.get()); 179 ServerIdentityVerifier testling(JID("foo@im.bar.com/baz"), idnConverter.get());
164 SimpleCertificate::ref certificate(new SimpleCertificate()); 180 SimpleCertificate::ref certificate(new SimpleCertificate());
@@ -167,6 +183,14 @@ class ServerIdentityVerifierTest : public CppUnit::TestFixture {
167 CPPUNIT_ASSERT(!testling.certificateVerifies(certificate)); 183 CPPUNIT_ASSERT(!testling.certificateVerifies(certificate));
168 } 184 }
169 185
186 void testCertificateVerifies_WithMatchingXmppAddrWithWildcardMixedCase() {
187 ServerIdentityVerifier testling(JID("foo@im.bAr.com/baz"), idnConverter.get());
188 SimpleCertificate::ref certificate(new SimpleCertificate());
189 certificate->addXMPPAddress("*.baR.com");
190
191 CPPUNIT_ASSERT(!testling.certificateVerifies(certificate));
192 }
193
170 void testCertificateVerifies_WithMatchingInternationalXmppAddr() { 194 void testCertificateVerifies_WithMatchingInternationalXmppAddr() {
171 ServerIdentityVerifier testling(JID("foo@tron\xc3\xa7.com/baz"), idnConverter.get()); 195 ServerIdentityVerifier testling(JID("foo@tron\xc3\xa7.com/baz"), idnConverter.get());
172 SimpleCertificate::ref certificate(new SimpleCertificate()); 196 SimpleCertificate::ref certificate(new SimpleCertificate());
@@ -175,6 +199,14 @@ class ServerIdentityVerifierTest : public CppUnit::TestFixture {
175 CPPUNIT_ASSERT(testling.certificateVerifies(certificate)); 199 CPPUNIT_ASSERT(testling.certificateVerifies(certificate));
176 } 200 }
177 201
202 void testCertificateVerifies_WithMatchingInternationalXmppAddrMixedCase() {
203 ServerIdentityVerifier testling(JID("foo@tRon\xc3\xa7.com/baz"), idnConverter.get());
204 SimpleCertificate::ref certificate(new SimpleCertificate());
205 certificate->addXMPPAddress("trOn\xc3\xa7.com");
206
207 CPPUNIT_ASSERT(testling.certificateVerifies(certificate));
208 }
209
178 void testCertificateVerifies_WithMatchingCNWithoutSAN() { 210 void testCertificateVerifies_WithMatchingCNWithoutSAN() {
179 ServerIdentityVerifier testling(JID("foo@bar.com/baz"), idnConverter.get()); 211 ServerIdentityVerifier testling(JID("foo@bar.com/baz"), idnConverter.get());
180 SimpleCertificate::ref certificate(new SimpleCertificate()); 212 SimpleCertificate::ref certificate(new SimpleCertificate());