Line data Source code
1 : /* FreeTDS - Library of routines accessing Sybase and Microsoft databases
2 : * Copyright (C) 2023 Frediano Ziglio
3 : *
4 : * This library is free software; you can redistribute it and/or
5 : * modify it under the terms of the GNU Library General Public
6 : * License as published by the Free Software Foundation; either
7 : * version 2 of the License, or (at your option) any later version.
8 : *
9 : * This library is distributed in the hope that it will be useful,
10 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 : * Library General Public License for more details.
13 : *
14 : * You should have received a copy of the GNU Library General Public
15 : * License along with this library; if not, write to the
16 : * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
17 : * Boston, MA 02111-1307, USA.
18 : */
19 :
20 : /*
21 : * Check check_hostname function
22 : */
23 : #undef NDEBUG
24 : #include "../tls.c"
25 :
26 : #include "common.h"
27 :
28 : #include <freetds/data.h>
29 :
30 : #if defined(HAVE_OPENSSL)
31 :
32 : #include <freetds/bool.h>
33 :
34 : /* This certificate has common name as "www.abc.com" and alternate names
35 : as "xyz.org", "127.0.0.1", "::2:3:4:5:6" and "192.168.127.1". */
36 : static const char certificate[] =
37 : "-----BEGIN CERTIFICATE-----\n"
38 : "MIIE0jCCA7qgAwIBAgIUbIV2n53RPAMttnVuFQlE9C0tPvAwDQYJKoZIhvcNAQEL\n"
39 : "BQAwgYwxCzAJBgNVBAYTAlVLMQswCQYDVQQIDAJDQTESMBAGA1UEBwwJQ2FtYnJp\n"
40 : "ZGdlMRMwEQYDVQQKDApFeGFtcGxlIENvMRAwDgYDVQQLDAd0ZWNob3BzMRMwEQYD\n"
41 : "VQQDDApUZXN0aW5nIENBMSAwHgYJKoZIhvcNAQkBFhFjZXJ0c0BleGFtcGxlLmNv\n"
42 : "bTAeFw0yMzA5MjYxOTI2MjZaFw0yNjA2MjExOTI2MjZaMIGLMQswCQYDVQQGEwJV\n"
43 : "SzELMAkGA1UECAwCQ0ExEjAQBgNVBAcMCUNhbWJyaWRnZTERMA8GA1UECgwIRnJl\n"
44 : "ZGlhbm8xEDAOBgNVBAsMB3RlY2hvcHMxFDASBgNVBAMMC3d3dy5hYmMuY29tMSAw\n"
45 : "HgYJKoZIhvcNAQkBFhFjZXJ0c0BleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB\n"
46 : "BQADggEPADCCAQoCggEBAMcXWlvCeX//9wxvaTP9qD1RaFYUhxOppC/+JDBHnn8Y\n"
47 : "T9915OYzctoAoVrcThMsg5GNWTB0/OkXz0/IHgxJZ9HFFsTJSUFvVKSD2UrG2ypF\n"
48 : "aSLdJOD2CpqNbrr0cNhIFfRBrJ7KC3F3PHKB7BoROiSCgTTz46Hx29fRLW3Rqxh0\n"
49 : "tz/tj7Yt5vesqByWo5zj3vha/F4+eK1hNNuP93i8wkZIOPStWNOO2OQ/ULh8MZON\n"
50 : "qpvJHw6NveDmVFIVGtutrA+5w30Wp2vUJI60erRSailsMpXFyElYdnYZ+24/hA7P\n"
51 : "Hfx3v5cQ+DHF3+AKFU7G2bcS/kB48vLSZzDz82/5O88CAwEAAaOCASkwggElMAwG\n"
52 : "A1UdEwEB/wQCMAAwCwYDVR0PBAQDAgXgMDAGA1UdEQQpMCeCB3h5ei5vcmeHBH8A\n"
53 : "AAGHEAAAAAAAAAACAAMABAAFAAaHBMCofwEwHQYDVR0OBBYEFDWbwRVMZvyOL8oA\n"
54 : "nVpuRW2xkeeoMIG2BgNVHSMEga4wgauhgZKkgY8wgYwxCzAJBgNVBAYTAlVLMQsw\n"
55 : "CQYDVQQIDAJDQTESMBAGA1UEBwwJQ2FtYnJpZGdlMRMwEQYDVQQKDApFeGFtcGxl\n"
56 : "IENvMRAwDgYDVQQLDAd0ZWNob3BzMRMwEQYDVQQDDApUZXN0aW5nIENBMSAwHgYJ\n"
57 : "KoZIhvcNAQkBFhFjZXJ0c0BleGFtcGxlLmNvbYIUW7YAeQBh0HFi6VWbFh9+tG2F\n"
58 : "8NAwDQYJKoZIhvcNAQELBQADggEBAL0SfWxEufOYqg9e3vnLJj5Jxv1arayEWHrt\n"
59 : "hL64GmEw4DltxX2DXAlPnQvpMvYGV3ynnAdnvDaFlBceG0iZzu9ZQTw0bdB12L30\n"
60 : "PETIYUN1uHPaIXA8cCtLFi0BNVIeGH8WYbOVEu0Kl7JX+WSbZqnC9+wqpGrQv578\n"
61 : "Ml+EIP8L1ZLaJx7W1U+A/WW+xtWmpTnHVNyOAWdX3c+GE4kSYzsW+6D3Ha2EYAno\n"
62 : "R46tD+akLPNKjYETaB+MU72xF7h4crpEqfOZx2WVwMKjRsZed33xG4kG3P8SItYI\n"
63 : "UJdPxDazCiKJYJ/JlRLZTW7+LisH33QcRRmbtS7KHrBDXveDez8=\n"
64 : "-----END CERTIFICATE-----\n";
65 :
66 : static bool got_failure = false;
67 :
68 : static void
69 45 : test_hostname(X509 *cert, const char *hostname, bool expected)
70 : {
71 45 : bool got = !!check_hostname(cert, hostname);
72 45 : if (got != expected) {
73 0 : fprintf(stderr, "unexpected result, got %d expected %d for '%s'\n", got, expected, hostname);
74 0 : got_failure = true;
75 : }
76 45 : }
77 :
78 5 : TEST_MAIN()
79 : {
80 : BIO *bufio;
81 : X509 *cert;
82 : bool expected;
83 : #define test(hostname) test_hostname(cert, hostname, expected)
84 :
85 5 : bufio = BIO_new_mem_buf((void*)certificate, -1);
86 5 : if (!bufio) {
87 0 : fprintf(stderr, "error allocating BIO\n");
88 0 : return 1;
89 : }
90 5 : cert = PEM_read_bio_X509(bufio, NULL, 0, NULL);
91 5 : if (!cert) {
92 0 : fprintf(stderr, "error creating certificate\n");
93 0 : return 1;
94 : }
95 :
96 : /* check valid names are accepted */
97 5 : expected = true;
98 5 : test("xyz.org");
99 5 : test("127.0.0.1");
100 5 : test("::2:3:4:5:6");
101 5 : test("192.168.127.1");
102 5 : test("www.abc.com");
103 :
104 : /* check some invalid names */
105 5 : expected = false;
106 5 : test("fail.com");
107 5 : test("127.0.0.2");
108 5 : test("::2:3:4:5:7");
109 5 : test("::1");
110 :
111 5 : X509_free(cert);
112 5 : BIO_free(bufio);
113 5 : return got_failure ? 1 : 0;
114 : }
115 : #else
116 5 : TEST_MAIN()
117 : {
118 5 : return 0;
119 : }
120 : #endif
|
