diff options
Diffstat (limited to 'Swiften/QA/TLSTest')
-rw-r--r-- | Swiften/QA/TLSTest/CertificateErrorTest.cpp | 364 | ||||
-rw-r--r-- | Swiften/QA/TLSTest/CertificateTest.cpp | 152 | ||||
-rw-r--r-- | Swiften/QA/TLSTest/SConscript | 40 | ||||
-rw-r--r-- | Swiften/QA/TLSTest/jabber_org.crt | bin | 2082 -> 2081 bytes |
4 files changed, 278 insertions, 278 deletions
diff --git a/Swiften/QA/TLSTest/CertificateErrorTest.cpp b/Swiften/QA/TLSTest/CertificateErrorTest.cpp index 1d87994..abd004e 100644 --- a/Swiften/QA/TLSTest/CertificateErrorTest.cpp +++ b/Swiften/QA/TLSTest/CertificateErrorTest.cpp @@ -5,7 +5,7 @@ */ /* - This file uses http://www.tls-o-matic.com/ to test the currently configured TLS backend for correct certificate validation behavior. + This file uses http://www.tls-o-matic.com/ to test the currently configured TLS backend for correct certificate validation behavior. */ #include <cppunit/extensions/HelperMacros.h> @@ -29,195 +29,195 @@ using namespace Swift; class CertificateErrorTest : public CppUnit::TestFixture { - CPPUNIT_TEST_SUITE(CertificateErrorTest); + CPPUNIT_TEST_SUITE(CertificateErrorTest); - // These test require the TLS-O-Matic testing CA to be trusted. For more info see https://www.tls-o-matic.com/https/test1 . - CPPUNIT_TEST(testTLS_O_MaticTrusted); - CPPUNIT_TEST(testTLS_O_MaticCertificateFromTheFuture); - CPPUNIT_TEST(testTLS_O_MaticCertificateFromThePast); - CPPUNIT_TEST(testTLS_O_MaticCertificateFromUnknownCA); - CPPUNIT_TEST(testTLS_O_MaticCertificateWrongPurpose); + // These test require the TLS-O-Matic testing CA to be trusted. For more info see https://www.tls-o-matic.com/https/test1 . + CPPUNIT_TEST(testTLS_O_MaticTrusted); + CPPUNIT_TEST(testTLS_O_MaticCertificateFromTheFuture); + CPPUNIT_TEST(testTLS_O_MaticCertificateFromThePast); + CPPUNIT_TEST(testTLS_O_MaticCertificateFromUnknownCA); + CPPUNIT_TEST(testTLS_O_MaticCertificateWrongPurpose); #if !defined(HAVE_OPENSSL) - // Our OpenSSL backend does not support revocation. We excluded it from the revocation tests. - CPPUNIT_TEST(testRevokedCertificateRevocationDisabled); - CPPUNIT_TEST(testRevokedCertificateRevocationEnabled); + // Our OpenSSL backend does not support revocation. We excluded it from the revocation tests. + CPPUNIT_TEST(testRevokedCertificateRevocationDisabled); + CPPUNIT_TEST(testRevokedCertificateRevocationEnabled); #endif - CPPUNIT_TEST_SUITE_END(); - - public: - void setUp() { - eventLoop_ = new DummyEventLoop(); - boostIOServiceThread_ = new BoostIOServiceThread(); - boostIOService_ = boost::make_shared<boost::asio::io_service>(); - connectionFactory_ = new BoostConnectionFactory(boostIOServiceThread_->getIOService(), eventLoop_); - idnConverter_ = PlatformIDNConverter::create(); - domainNameResolver_ = new PlatformDomainNameResolver(idnConverter_, eventLoop_), - - tlsFactories_ = new PlatformTLSFactories(); - tlsContextFactory_ = tlsFactories_->getTLSContextFactory(); - - tlsContextFactory_->setCheckCertificateRevocation(false); - - tlsConnectionFactory_ = new TLSConnectionFactory(tlsContextFactory_, connectionFactory_, TLSOptions()); - - connectFinished_ = false; - connectFinishedWithError_ = false; - } - - void tearDown() { - delete tlsConnectionFactory_; - delete tlsFactories_; - - delete domainNameResolver_; - delete idnConverter_; - delete connectionFactory_; - delete boostIOServiceThread_; - while (eventLoop_->hasEvents()) { - eventLoop_->processEvents(); - } - delete eventLoop_; - } - - HostAddress resolveName(const std::string& name) { - boost::shared_ptr<DomainNameAddressQuery> query = domainNameResolver_->createAddressQuery(name); - query->onResult.connect(boost::bind(&CertificateErrorTest::handleAddressQueryResult, this, _1, _2)); - lastResoverResult_ = HostAddress(); - resolvingDone_ = false; - - query->run(); - while(!resolvingDone_) { - eventLoop_->processEvents(); - } - - return lastResoverResult_; - } - - void connectToServer(boost::shared_ptr<TLSConnection> connection, const std::string& hostname, int port) { - connection->onConnectFinished.connect(boost::bind(&CertificateErrorTest::handleConnectFinished, this, _1)); - - HostAddress address = resolveName(hostname); - - connection->connect(HostAddressPort(address, port)); - - while (!connectFinished_) { - eventLoop_->processEvents(); - } - } - - void testTLS_O_MaticTrusted() { - boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); - TLSContext* context = connection->getTLSContext(); - - connectToServer(connection, "test1.tls-o-matic.com", 443); - - CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); - CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::ref(), context->getPeerCertificateVerificationError()); - } - - void testTLS_O_MaticCertificateFromTheFuture() { - boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); - TLSContext* context = connection->getTLSContext(); - - connectToServer(connection, "test5.tls-o-matic.com", 405); - - CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); - CPPUNIT_ASSERT(context->getPeerCertificateVerificationError()); + CPPUNIT_TEST_SUITE_END(); + + public: + void setUp() { + eventLoop_ = new DummyEventLoop(); + boostIOServiceThread_ = new BoostIOServiceThread(); + boostIOService_ = std::make_shared<boost::asio::io_service>(); + connectionFactory_ = new BoostConnectionFactory(boostIOServiceThread_->getIOService(), eventLoop_); + idnConverter_ = PlatformIDNConverter::create(); + domainNameResolver_ = new PlatformDomainNameResolver(idnConverter_, eventLoop_); + + tlsFactories_ = new PlatformTLSFactories(); + tlsContextFactory_ = tlsFactories_->getTLSContextFactory(); + + tlsContextFactory_->setCheckCertificateRevocation(false); + + tlsConnectionFactory_ = new TLSConnectionFactory(tlsContextFactory_, connectionFactory_, TLSOptions()); + + connectFinished_ = false; + connectFinishedWithError_ = false; + } + + void tearDown() { + delete tlsConnectionFactory_; + delete tlsFactories_; + + delete domainNameResolver_; + delete idnConverter_; + delete connectionFactory_; + delete boostIOServiceThread_; + while (eventLoop_->hasEvents()) { + eventLoop_->processEvents(); + } + delete eventLoop_; + } + + HostAddress resolveName(const std::string& name) { + std::shared_ptr<DomainNameAddressQuery> query = domainNameResolver_->createAddressQuery(name); + query->onResult.connect(boost::bind(&CertificateErrorTest::handleAddressQueryResult, this, _1, _2)); + lastResoverResult_ = HostAddress(); + resolvingDone_ = false; + + query->run(); + while(!resolvingDone_) { + eventLoop_->processEvents(); + } + + return lastResoverResult_; + } + + void connectToServer(std::shared_ptr<TLSConnection> connection, const std::string& hostname, int port) { + connection->onConnectFinished.connect(boost::bind(&CertificateErrorTest::handleConnectFinished, this, _1)); + + HostAddress address = resolveName(hostname); + + connection->connect(HostAddressPort(address, port)); + + while (!connectFinished_) { + eventLoop_->processEvents(); + } + } + + void testTLS_O_MaticTrusted() { + std::shared_ptr<TLSConnection> connection = std::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); + TLSContext* context = connection->getTLSContext(); + + connectToServer(connection, "test1.tls-o-matic.com", 443); + + CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); + CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::ref(), context->getPeerCertificateVerificationError()); + } + + void testTLS_O_MaticCertificateFromTheFuture() { + std::shared_ptr<TLSConnection> connection = std::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); + TLSContext* context = connection->getTLSContext(); + + connectToServer(connection, "test5.tls-o-matic.com", 405); + + CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); + CPPUNIT_ASSERT(context->getPeerCertificateVerificationError()); #if defined(HAVE_SCHANNEL) - // Windows SChannel API does not differentiate between expired and not yet valid. - CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Expired, context->getPeerCertificateVerificationError()->getType()); + // Windows SChannel API does not differentiate between expired and not yet valid. + CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Expired, context->getPeerCertificateVerificationError()->getType()); #else - CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::NotYetValid, context->getPeerCertificateVerificationError()->getType()); + CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::NotYetValid, context->getPeerCertificateVerificationError()->getType()); #endif - } - - void testTLS_O_MaticCertificateFromThePast() { - boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); - TLSContext* context = connection->getTLSContext(); - - connectToServer(connection, "test6.tls-o-matic.com", 406); - - CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); - CPPUNIT_ASSERT(context->getPeerCertificateVerificationError()); - CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Expired, context->getPeerCertificateVerificationError()->getType()); - } - - void testTLS_O_MaticCertificateFromUnknownCA() { - boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); - TLSContext* context = connection->getTLSContext(); - - connectToServer(connection, "test7.tls-o-matic.com", 407); - - CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); - CPPUNIT_ASSERT(context->getPeerCertificateVerificationError()); - CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Untrusted, context->getPeerCertificateVerificationError()->getType()); - } - - // test14.tls-o-matic.com:414 - void testTLS_O_MaticCertificateWrongPurpose() { - boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); - TLSContext* context = connection->getTLSContext(); - - connectToServer(connection, "test14.tls-o-matic.com", 414); - - CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); - CPPUNIT_ASSERT(context->getPeerCertificateVerificationError()); - CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::InvalidPurpose, context->getPeerCertificateVerificationError()->getType()); - } - - void testRevokedCertificateRevocationDisabled() { - tlsContextFactory_->setCheckCertificateRevocation(false); - boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); - TLSContext* context = connection->getTLSContext(); - - connectToServer(connection, "revoked.grc.com", 443); - - CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); - CPPUNIT_ASSERT(!context->getPeerCertificateVerificationError()); - } - - void testRevokedCertificateRevocationEnabled() { - tlsContextFactory_->setCheckCertificateRevocation(true); - boost::shared_ptr<TLSConnection> connection = boost::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); - TLSContext* context = connection->getTLSContext(); - - connectToServer(connection, "revoked.grc.com", 443); - - CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); - CPPUNIT_ASSERT(context->getPeerCertificateVerificationError()); - CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Revoked, context->getPeerCertificateVerificationError()->getType()); - } - - private: - void handleAddressQueryResult(const std::vector<HostAddress>& address, boost::optional<DomainNameResolveError> /* error */) { - if (address.size() > 0) { - lastResoverResult_ = address[0]; - } - resolvingDone_ = true; - } - - void handleConnectFinished(bool error) { - connectFinished_ = true; - connectFinishedWithError_ = error; - } - - private: - BoostIOServiceThread* boostIOServiceThread_; - boost::shared_ptr<boost::asio::io_service> boostIOService_; - DummyEventLoop* eventLoop_; - ConnectionFactory* connectionFactory_; - PlatformTLSFactories* tlsFactories_; - TLSContextFactory* tlsContextFactory_; - TLSConnectionFactory* tlsConnectionFactory_; - - IDNConverter* idnConverter_; - DomainNameResolver* domainNameResolver_; - HostAddress lastResoverResult_; - bool resolvingDone_; - - bool connectFinished_; - bool connectFinishedWithError_; + } + + void testTLS_O_MaticCertificateFromThePast() { + std::shared_ptr<TLSConnection> connection = std::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); + TLSContext* context = connection->getTLSContext(); + + connectToServer(connection, "test6.tls-o-matic.com", 406); + + CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); + CPPUNIT_ASSERT(context->getPeerCertificateVerificationError()); + CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Expired, context->getPeerCertificateVerificationError()->getType()); + } + + void testTLS_O_MaticCertificateFromUnknownCA() { + std::shared_ptr<TLSConnection> connection = std::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); + TLSContext* context = connection->getTLSContext(); + + connectToServer(connection, "test7.tls-o-matic.com", 407); + + CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); + CPPUNIT_ASSERT(context->getPeerCertificateVerificationError()); + CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Untrusted, context->getPeerCertificateVerificationError()->getType()); + } + + // test14.tls-o-matic.com:414 + void testTLS_O_MaticCertificateWrongPurpose() { + std::shared_ptr<TLSConnection> connection = std::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); + TLSContext* context = connection->getTLSContext(); + + connectToServer(connection, "test14.tls-o-matic.com", 414); + + CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); + CPPUNIT_ASSERT(context->getPeerCertificateVerificationError()); + CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::InvalidPurpose, context->getPeerCertificateVerificationError()->getType()); + } + + void testRevokedCertificateRevocationDisabled() { + tlsContextFactory_->setCheckCertificateRevocation(false); + std::shared_ptr<TLSConnection> connection = std::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); + TLSContext* context = connection->getTLSContext(); + + connectToServer(connection, "revoked.grc.com", 443); + + CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); + CPPUNIT_ASSERT(!context->getPeerCertificateVerificationError()); + } + + void testRevokedCertificateRevocationEnabled() { + tlsContextFactory_->setCheckCertificateRevocation(true); + std::shared_ptr<TLSConnection> connection = std::dynamic_pointer_cast<TLSConnection>(tlsConnectionFactory_->createConnection()); + TLSContext* context = connection->getTLSContext(); + + connectToServer(connection, "revoked.grc.com", 443); + + CPPUNIT_ASSERT_EQUAL(false, connectFinishedWithError_); + CPPUNIT_ASSERT(context->getPeerCertificateVerificationError()); + CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::Revoked, context->getPeerCertificateVerificationError()->getType()); + } + + private: + void handleAddressQueryResult(const std::vector<HostAddress>& address, boost::optional<DomainNameResolveError> /* error */) { + if (address.size() > 0) { + lastResoverResult_ = address[0]; + } + resolvingDone_ = true; + } + + void handleConnectFinished(bool error) { + connectFinished_ = true; + connectFinishedWithError_ = error; + } + + private: + BoostIOServiceThread* boostIOServiceThread_; + std::shared_ptr<boost::asio::io_service> boostIOService_; + DummyEventLoop* eventLoop_; + ConnectionFactory* connectionFactory_; + PlatformTLSFactories* tlsFactories_; + TLSContextFactory* tlsContextFactory_; + TLSConnectionFactory* tlsConnectionFactory_; + + IDNConverter* idnConverter_; + DomainNameResolver* domainNameResolver_; + HostAddress lastResoverResult_; + bool resolvingDone_; + + bool connectFinished_; + bool connectFinishedWithError_; }; diff --git a/Swiften/QA/TLSTest/CertificateTest.cpp b/Swiften/QA/TLSTest/CertificateTest.cpp index 1c3857a..b53cd2f 100644 --- a/Swiften/QA/TLSTest/CertificateTest.cpp +++ b/Swiften/QA/TLSTest/CertificateTest.cpp @@ -1,99 +1,97 @@ /* - * Copyright (c) 2010 Isode Limited. + * Copyright (c) 2010-2016 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ -#include <Swiften/Base/ByteArray.h> +#include <memory> + +#include <boost/bind.hpp> #include <QA/Checker/IO.h> #include <cppunit/extensions/HelperMacros.h> #include <cppunit/extensions/TestFactoryRegistry.h> -#include <boost/bind.hpp> +#include <Swiften/Base/ByteArray.h> #include <Swiften/TLS/CertificateFactory.h> -#include "SwifTools/Application/PlatformApplicationPathProvider.h" + +#include <SwifTools/Application/PlatformApplicationPathProvider.h> using namespace Swift; template<typename CERTIFICATE_FACTORY> class CertificateTest : public CppUnit::TestFixture { - CPPUNIT_TEST_SUITE(CertificateTest); - CPPUNIT_TEST(testConstructFromDER); - CPPUNIT_TEST(testToDER); - //CPPUNIT_TEST(testGetSubjectName); - CPPUNIT_TEST(testGetCommonNames); - CPPUNIT_TEST(testGetSRVNames); - CPPUNIT_TEST(testGetDNSNames); - CPPUNIT_TEST(testGetXMPPAddresses); - CPPUNIT_TEST_SUITE_END(); - - public: - void setUp() { - pathProvider = new PlatformApplicationPathProvider("FileReadBytestreamTest"); - readByteArrayFromFile(certificateData, (pathProvider->getExecutableDir() / "jabber_org.crt")); - certificateFactory = new CERTIFICATE_FACTORY(); - } - - void tearDown() { - delete certificateFactory; - delete pathProvider; - } - - void testConstructFromDER() { - Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); - - CPPUNIT_ASSERT_EQUAL(std::string("*.jabber.org"), testling->getCommonNames()[0]); - } - - void testToDER() { - Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); - - CPPUNIT_ASSERT_EQUAL(certificateData, testling->toDER()); - } + CPPUNIT_TEST_SUITE(CertificateTest); + CPPUNIT_TEST(testConstructFromDER); + CPPUNIT_TEST(testToDER); + //CPPUNIT_TEST(testGetSubjectName); + CPPUNIT_TEST(testGetCommonNames); + CPPUNIT_TEST(testGetSRVNames); + CPPUNIT_TEST(testGetDNSNames); + CPPUNIT_TEST(testGetXMPPAddresses); + CPPUNIT_TEST_SUITE_END(); + + public: + void setUp() { + pathProvider = std::unique_ptr<PlatformApplicationPathProvider>(new PlatformApplicationPathProvider("FileReadBytestreamTest")); + readByteArrayFromFile(certificateData, (pathProvider->getExecutableDir() / "jabber_org.crt")); + certificateFactory = std::unique_ptr<CertificateFactory>(new CERTIFICATE_FACTORY()); + } + + void testConstructFromDER() { + Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); + + CPPUNIT_ASSERT_EQUAL(std::string("*.jabber.org"), testling->getCommonNames()[0]); + } + + void testToDER() { + Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); + + CPPUNIT_ASSERT_EQUAL(certificateData, testling->toDER()); + } /* - void testGetSubjectName() { - Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData); - - CPPUNIT_ASSERT_EQUAL(std::string("/description=114072-VMk8pdi1aj5kTXxO/C=US/ST=Colorado/L=Denver/O=Peter Saint-Andre/OU=StartCom Trusted Certificate Member/CN=*.jabber.org/emailAddress=hostmaster@jabber.org"), testling->getSubjectName()); - } - */ - - void testGetCommonNames() { - Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); - - CPPUNIT_ASSERT_EQUAL(1, static_cast<int>(testling->getCommonNames().size())); - CPPUNIT_ASSERT_EQUAL(std::string("*.jabber.org"), testling->getCommonNames()[0]); - } - - void testGetSRVNames() { - Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); - - CPPUNIT_ASSERT_EQUAL(1, static_cast<int>(testling->getSRVNames().size())); - CPPUNIT_ASSERT_EQUAL(std::string("*.jabber.org"), testling->getSRVNames()[0]); - } - - void testGetDNSNames() { - Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); - - CPPUNIT_ASSERT_EQUAL(2, static_cast<int>(testling->getDNSNames().size())); - CPPUNIT_ASSERT_EQUAL(std::string("*.jabber.org"), testling->getDNSNames()[0]); - CPPUNIT_ASSERT_EQUAL(std::string("jabber.org"), testling->getDNSNames()[1]); - } - - void testGetXMPPAddresses() { - Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); - - CPPUNIT_ASSERT_EQUAL(1, static_cast<int>(testling->getXMPPAddresses().size())); - CPPUNIT_ASSERT_EQUAL(std::string("*.jabber.org"), testling->getXMPPAddresses()[0]); - } - - private: - PlatformApplicationPathProvider* pathProvider; - ByteArray certificateData; - CertificateFactory* certificateFactory; + void testGetSubjectName() { + Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData); + + CPPUNIT_ASSERT_EQUAL(std::string("/description=114072-VMk8pdi1aj5kTXxO/C=US/ST=Colorado/L=Denver/O=Peter Saint-Andre/OU=StartCom Trusted Certificate Member/CN=*.jabber.org/emailAddress=hostmaster@jabber.org"), testling->getSubjectName()); + } + */ + + void testGetCommonNames() { + Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); + + CPPUNIT_ASSERT_EQUAL(1, static_cast<int>(testling->getCommonNames().size())); + CPPUNIT_ASSERT_EQUAL(std::string("*.jabber.org"), testling->getCommonNames()[0]); + } + + void testGetSRVNames() { + Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); + + CPPUNIT_ASSERT_EQUAL(1, static_cast<int>(testling->getSRVNames().size())); + CPPUNIT_ASSERT_EQUAL(std::string("*.jabber.org"), testling->getSRVNames()[0]); + } + + void testGetDNSNames() { + Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); + + CPPUNIT_ASSERT_EQUAL(2, static_cast<int>(testling->getDNSNames().size())); + CPPUNIT_ASSERT_EQUAL(std::string("*.jabber.org"), testling->getDNSNames()[0]); + CPPUNIT_ASSERT_EQUAL(std::string("jabber.org"), testling->getDNSNames()[1]); + } + + void testGetXMPPAddresses() { + Certificate::ref testling = Certificate::ref(certificateFactory->createCertificateFromDER(certificateData)); + + CPPUNIT_ASSERT_EQUAL(1, static_cast<int>(testling->getXMPPAddresses().size())); + CPPUNIT_ASSERT_EQUAL(std::string("*.jabber.org"), testling->getXMPPAddresses()[0]); + } + + private: + std::unique_ptr<PlatformApplicationPathProvider> pathProvider; + ByteArray certificateData; + std::unique_ptr<CertificateFactory> certificateFactory; }; #ifdef HAVE_OPENSSL diff --git a/Swiften/QA/TLSTest/SConscript b/Swiften/QA/TLSTest/SConscript index 0ac50e6..b7bfc7d 100644 --- a/Swiften/QA/TLSTest/SConscript +++ b/Swiften/QA/TLSTest/SConscript @@ -3,22 +3,24 @@ import os Import("env") if env["TEST"] : - myenv = env.Clone() - myenv.MergeFlags(myenv["CHECKER_FLAGS"]) - myenv.MergeFlags(myenv["SWIFTOOLS_FLAGS"]) - myenv.MergeFlags(myenv["SWIFTEN_FLAGS"]) - myenv.MergeFlags(myenv["SWIFTEN_DEP_FLAGS"]) - myenv.MergeFlags(myenv["CPPUNIT_FLAGS"]) - - if myenv.get("HAVE_OPENSSL", 0) : - myenv.Append(CPPDEFINES = "HAVE_OPENSSL") - elif myenv.get("HAVE_SCHANNEL", 0) : - myenv.Append(CPPDEFINES = "HAVE_SCHANNEL") - elif myenv.get("HAVE_SECURETRANSPORT", 0) : - myenv.Append(CPPDEFINES = "HAVE_SECURETRANSPORT") - - tester = myenv.Program("TLSTest", [ - "CertificateTest.cpp", - "CertificateErrorTest.cpp" - ]) - myenv.Test(tester, "system")
\ No newline at end of file + myenv = env.Clone() + myenv.MergeFlags(myenv["CHECKER_FLAGS"]) + myenv.MergeFlags(myenv["SWIFTOOLS_FLAGS"]) + myenv.MergeFlags(myenv["SWIFTEN_FLAGS"]) + myenv.MergeFlags(myenv["SWIFTEN_DEP_FLAGS"]) + myenv.MergeFlags(myenv["CPPUNIT_FLAGS"]) + + if myenv.get("HAVE_OPENSSL", 0) : + myenv.Append(CPPDEFINES = "HAVE_OPENSSL") + myenv.MergeFlags(myenv["OPENSSL_FLAGS"]) + elif myenv.get("HAVE_SCHANNEL", 0) : + myenv.Append(CPPDEFINES = "HAVE_SCHANNEL") + elif myenv.get("HAVE_SECURETRANSPORT", 0) : + myenv.Append(CPPDEFINES = "HAVE_SECURETRANSPORT") + + tester = myenv.Program("TLSTest", [ + "CertificateTest.cpp", + # Reenable if either http://www.tls-o-matic.com/ is fixed or we have setup a replacement. + #"CertificateErrorTest.cpp" + ]) + myenv.Test(tester, "system")
\ No newline at end of file diff --git a/Swiften/QA/TLSTest/jabber_org.crt b/Swiften/QA/TLSTest/jabber_org.crt Binary files differindex f7d619f..5a9ddaa 100644 --- a/Swiften/QA/TLSTest/jabber_org.crt +++ b/Swiften/QA/TLSTest/jabber_org.crt |