X-Git-Url: http://git.maemo.org/git/?p=dh-make-perl;a=blobdiff_plain;f=dev%2Farm%2Flibio-socket-ssl-perl%2Flibio-socket-ssl-perl-1.16%2F.pc%2Fpartial_hostname_fix.patch%2Ft%2Fverify_hostname.t;fp=dev%2Farm%2Flibio-socket-ssl-perl%2Flibio-socket-ssl-perl-1.16%2F.pc%2Fpartial_hostname_fix.patch%2Ft%2Fverify_hostname.t;h=9cd85963d4b22f21060eea473aec21be0023b156;hp=0000000000000000000000000000000000000000;hb=f477fa73365d491991707e7ed9217b48d6994551;hpb=da95c414033799c3a62606f299c3c00b5c77ca11 diff --git a/dev/arm/libio-socket-ssl-perl/libio-socket-ssl-perl-1.16/.pc/partial_hostname_fix.patch/t/verify_hostname.t b/dev/arm/libio-socket-ssl-perl/libio-socket-ssl-perl-1.16/.pc/partial_hostname_fix.patch/t/verify_hostname.t new file mode 100644 index 0000000..9cd8596 --- /dev/null +++ b/dev/arm/libio-socket-ssl-perl/libio-socket-ssl-perl-1.16/.pc/partial_hostname_fix.patch/t/verify_hostname.t @@ -0,0 +1,121 @@ +#!perl -w + +use strict; +use Net::SSLeay; +use Socket; +use IO::Socket::SSL; + +print "1..0 # Skipped: test cert has expired\n"; +exit; + +if ( grep { $^O =~m{$_} } qw( MacOS VOS vmesa riscos amigaos ) ) { + print "1..0 # Skipped: fork not implemented on this platform\n"; + exit +} + +# subjectAltNames are not supported or buggy in older versions, +# so certificates cannot be checked +if ( $Net::SSLeay::VERSION < 1.33 ) { + print "1..0 # Skipped because of \$Net::SSLeay::VERSION= $Net::SSLeay::VERSION <1.33\n"; + exit; +} + +use vars qw( $SSL_SERVER_ADDR ); +do "t/ssl_settings.req" || do "ssl_settings.req"; + +# if we have an IDN library max the IDN tests too +my $can_idn = eval { require Encode } && + ( eval { require Net::LibIDN } || eval { require Net::IDN::Encode } ); + +$|=1; +my $max = 37; +$max+=3 if $can_idn; +print "1..$max\n"; + +my $server = IO::Socket::SSL->new( + LocalAddr => $SSL_SERVER_ADDR, + Listen => 2, + ReuseAddr => 1, + SSL_server => 1, + #SSL_verify_mode => 0x00, + SSL_ca_file => "certs/test-ca.pem", + SSL_cert_file => "certs/server-wildcard.pem", + SSL_key_file => "certs/server-wildcard.pem", +); +warn "\$!=$!, \$\@=$@, S\$SSL_ERROR=$SSL_ERROR" if ! $server; +print "not ok\n", exit if !$server; +ok("Server Initialization"); +my $SSL_SERVER_PORT = $server->sockport; + +defined( my $pid = fork() ) || die $!; +if ( $pid == 0 ) { + + close($server); + my $client = IO::Socket::SSL->new( "$SSL_SERVER_ADDR:$SSL_SERVER_PORT" ) + || print "not "; + ok( "client ssl connect" ); + + my $issuer = $client->peer_certificate( 'issuer' ); + print "not " if $issuer !~m{IO::Socket::SSL Test CA}; + ok("issuer"); + + my $cn = $client->peer_certificate( 'cn' ); + print "not " unless $cn eq "server.local"; + ok("cn"); + + my @alt = $client->peer_certificate( 'subjectAltNames' ); + my @want = ( + GEN_DNS() => '*.server.local', + GEN_IPADD() => '127.0.0.1', + GEN_DNS() => 'www*.other.local', + GEN_DNS() => 'smtp.mydomain.local', + GEN_DNS() => 'xn--lwe-sna.idntest.local', + ); + while (@want) { + my ($typ,$text) = splice(@want,0,2); + my $data = ($typ == GEN_IPADD() ) ? inet_aton($text):$text; + my ($th,$dh) = splice(@alt,0,2); + $th == $typ and $dh eq $data or print "not "; + ok( $text ); + } + @alt and print "not "; + ok( 'no more altSubjectNames' ); + + my @tests = ( + '127.0.0.1' => [qw( smtp ldap www)], + 'server.local' => [qw(smtp ldap)], + 'blafasel.server.local' => [qw(ldap www)], + 'lala.blafasel.server.local' => [], + 'www.other.local' => [qw(www)], + 'www-13.other.local' => [qw(www)], + 'www-13.lala.other.local' => [], + 'smtp.mydomain.local' => [qw(smtp ldap www)], + 'xn--lwe-sna.idntest.local' => [qw(smtp ldap www)], + ); + if ( $can_idn ) { + # check IDN handling + my $loewe = "l\366we.idntest.local"; + push @tests, ( $loewe => [qw(smtp ldap www)] ); + } + + while (@tests) { + my ($host,$expect) = splice(@tests,0,2); + my %expect = map { $_=>1 } @$expect; + for my $typ (qw( smtp ldap www)) { + my $is = $client->verify_hostname( $host, $typ ) ? 'pass':'fail'; + my $want = $expect{$typ} ? 'pass':'fail'; + print "not " if $is ne $want; + ok( "$want $host $typ" ); + } + } + + exit; +} + +my $csock = $server->accept; +wait; + + + +sub ok { print "ok #$_[0]\n"; } +