File: auto_verify_hostname.t

package info (click to toggle)
libio-socket-ssl-perl 2.002-2%2Bdeb8u3
  • links: PTS, VCS
  • area: main
  • in suites: jessie
  • size: 1,348 kB
  • sloc: perl: 14,412; makefile: 4
file content (93 lines) | stat: -rw-r--r-- 2,233 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
 
#!perl

use strict;
use warnings;
use Net::SSLeay;
use Socket;
use IO::Socket::SSL;
do './testlib.pl' || do './t/testlib.pl' || die "no testlib";

$|=1;
print "1..30\n";

my $server = IO::Socket::SSL->new(
    LocalAddr => '127.0.0.1',
    LocalPort => 0,
    Listen => 2,
    ReuseAddr => 1,
    SSL_server => 1,
    SSL_cert_file => "certs/server-wildcard.pem",
    SSL_key_file => "certs/server-wildcard.pem",
);
warn "\$!=$!, \$\@=$@, S\$SSL_ERROR=$SSL_ERROR" if ! $server;
print "not ok\n", exit if !$server;
ok("Server Initialization");
my $saddr = $server->sockhost.':'.$server->sockport;

defined( my $pid = fork() ) || die $!;
if ( $pid == 0 ) {
    while (1) {
	my $csock = $server->accept || next;
	print $csock "hallo\n";
    }
}

close($server);
my @tests = qw(
    example.com      www FAIL
    server.local     ldap OK
    server.local     www FAIL
    bla.server.local www OK
    www7.other.local www OK
    www7.other.local ldap FAIL
    bla.server.local ldap OK
);

IO::Socket::SSL::default_ca('certs/test-ca.pem');
for( my $i=0;$i<@tests;$i+=3 ) {
    my ($name,$scheme,$result) = @tests[$i,$i+1,$i+2];
    my $cl = IO::Socket::SSL->new(
	PeerAddr => $saddr,
	SSL_verify_mode => 1,
	SSL_verifycn_scheme => $scheme,
	SSL_verifycn_name => $name,
    );
    if ( $result eq 'FAIL' ) {
	print "not " if $cl;
	ok( "connection to $name/$scheme failed" );
    } else {
	print "not " if !$cl;
	ok( "connection to $name/$scheme succeeded" );
    }
    $cl || next;
    print "not " if <$cl> ne "hallo\n";
    ok( "received hallo" );
}

for( my $i=0;$i<@tests;$i+=3 ) {
    my ($name,$scheme,$result) = @tests[$i,$i+1,$i+2];
    my $cl = IO::Socket::INET->new(
	PeerAddr => $saddr,
    ) || print "not ";
    ok( "tcp connect" );
    $cl = IO::Socket::SSL->start_SSL( $cl,
	SSL_verify_mode => 1,
	SSL_verifycn_scheme => $scheme,
	SSL_verifycn_name => $name,
    );
    if ( $result eq 'FAIL' ) {
	print "not " if $cl;
	ok( "ssl upgrade of connection to $name/$scheme failed" );
    } else {
	print "not " if !$cl;
	ok( "ssl upgrade of connection to $name/$scheme succeeded" );
    }
    $cl || next;
    print "not " if <$cl> ne "hallo\n";
    ok( "received hallo" );
}

kill(9,$pid);
wait;

sub ok { print "ok #$_[0]\n"; }