android/okhttp
1
0
Fork 0
mirror of https://github.com/square/okhttp.git synced 2026-01-14 07:22:20 +03:00
Code Releases Activity

Test fix for cert names (#6398)

Browse Source
This commit is contained in:
Yuri Schimke
2020-11-08 14:26:22 +00:00
committed by GitHub
parent efe88b1918
commit b22f355bd7
1 changed files with 13 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
okhttp/src/test/java/okhttp3/internal/tls/HostnameVerifierTest.java
View File

@@ -30,9 +30,11 @@ import javax.security.auth.x500.X500Principal;
import okhttp3.FakeSSLSession;
import okhttp3.OkHttpClient;
import okhttp3.internal.Util;
import okhttp3.testing.PlatformRule;
import okhttp3.tls.HeldCertificate;
import okhttp3.tls.internal.TlsUtil;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.RegisterExtension;
import static java.nio.charset.StandardCharsets.UTF_8;
import static org.assertj.core.api.Assertions.assertThat;
@@ -43,6 +45,7 @@ import static org.assertj.core.api.Assertions.assertThat;
*/
public final class HostnameVerifierTest {
private OkHostnameVerifier verifier = OkHostnameVerifier.INSTANCE;
@RegisterExtension public PlatformRule platform = new PlatformRule();
@Test public void verify() {
FakeSSLSession session = new FakeSSLSession();
@@ -186,7 +189,11 @@ public final class HostnameVerifierTest {
+ "-----END CERTIFICATE-----\n");
X509Certificate peerCertificate = ((X509Certificate) session.getPeerCertificates()[0]);
assertThat(certificateSANs(peerCertificate)).containsExactly("bar.com", "<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.co.jp");
if (platform.isConscrypt()) {
assertThat(certificateSANs(peerCertificate)).containsExactly("bar.com");
} else {
assertThat(certificateSANs(peerCertificate)).containsExactly("bar.com", "<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.co.jp");
}
assertThat(verifier.verify("foo.com", session)).isFalse();
assertThat(verifier.verify("a.foo.com", session)).isFalse();
@@ -375,7 +382,11 @@ public final class HostnameVerifierTest {
+ "-----END CERTIFICATE-----\n");
X509Certificate peerCertificate = ((X509Certificate) session.getPeerCertificates()[0]);
assertThat(certificateSANs(peerCertificate)).containsExactly("*.bar.com", "*.<2E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.co.jp");
if (platform.isConscrypt()) {
assertThat(certificateSANs(peerCertificate)).containsExactly("*.bar.com");
} else {
assertThat(certificateSANs(peerCertificate)).containsExactly("*.bar.com", "*.<2E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.co.jp");
}
// try the foo.com variations
assertThat(verifier.verify("foo.com", session)).isFalse();