File: auto_verify_hostname.t

libio-socket-ssl-perl 2.095-1
#!perl

use strict;
use warnings;
use Net::SSLeay;
use Socket;
use IO::Socket::SSL;
use Test::More;

# Load the shared test helpers. The explicit "./" prefix makes `do` read the
# path as given instead of searching @INC, which no longer contains "." since
# Perl 5.26. The current directory is tried first, then t/. `do` yields a
# false value when the file cannot be read or does not end in a true value,
# which moves on to the next alternative and finally to die.
do('./testlib.pl') || do('./t/testlib.pl') || die "no testlib";

# Planned assertions, term by term:
#   1    server initialisation
#   7    one connect verdict per table row (IO::Socket::SSL->new)
#   4    greeting read back on each row that is expected to succeed
#   7*2  tcp connect plus TLS upgrade verdict per row (start_SSL)
#   4    greeting read back on each row that is expected to succeed
plan( tests => 1 + 7 + 4 + 7*2 + 4 );

# Flat list of triples: name the client verifies the certificate against,
# verification scheme, expected outcome. The FAIL rows are the negative cases:
# the client has to refuse the certificate when the name does not match under
# that scheme.
# NOTE(review): the expectations imply that the certificate covers names under
# server.local and www-prefixed names under other.local, and that the 'www'
# and 'ldap' schemes treat the bare name and the partial-label wildcard
# differently -- confirm against t/certs/server-wildcard.pem.
my @tests = (
    'example.com',      'www',  'FAIL',
    'server.local',     'ldap', 'OK',
    'server.local',     'www',  'FAIL',
    'bla.server.local', 'www',  'OK',
    'www7.other.local', 'www',  'OK',
    'www7.other.local', 'ldap', 'FAIL',
    'bla.server.local', 'ldap', 'OK',
);



# TLS listener bound to loopback only. Port 0 leaves the port choice to the
# operating system; the actual address is read back into $saddr below.
my $server = IO::Socket::SSL->new(
    LocalAddr     => '127.0.0.1',
    LocalPort     => 0,
    Listen        => 2,
    ReuseAddr     => 1,
    SSL_server    => 1,
    # The same PEM file is given for both the certificate and the key.
    SSL_cert_file => "t/certs/server-wildcard.pem",
    SSL_key_file  => "t/certs/server-wildcard.pem",
);

# Report every error channel before the assertion, so a failed setup can be
# diagnosed from the test output.
if ( !$server ) {
    warn "\$!=$!, \$\@=$@, S\$SSL_ERROR=$SSL_ERROR";
}
ok( $server, "Server Initialization");

# Nothing below can run without a listener.
exit unless $server;

# "host:port" string the clients connect to.
my $saddr = do {
    my $host = $server->sockhost;
    my $port = $server->sockport;
    $host . ':' . $port;
};

# Fork the server side of the test. The child never leaves the accept loop;
# it runs until the parent kills it.
my $pid = fork();
defined $pid or die $!;
if ( $pid == 0 ) {
    for (;;) {
        # A false result from accept is skipped and the loop keeps serving.
        # NOTE(review): presumably this is what happens when a client rejects
        # the certificate and aborts the handshake -- confirm.
        my $csock = $server->accept or next;

        # One greeting line per connection; the connection is dropped when
        # $csock goes out of scope at the end of the iteration.
        print $csock "hallo\n";
    }
}

# The parent has no further use for the listening socket; the forked child
# holds its own copy and keeps accepting on it.
close($server);
# Set the test CA as the default trust anchor, so that the clients below do
# not have to name a CA file themselves.
# NOTE(review): assumes the server certificate chains to t/certs/test-ca.pem;
# if it did not, every row would fail chain validation before any name check.
IO::Socket::SSL::default_ca('t/certs/test-ca.pem');
# Pass 1: verification during a direct IO::Socket::SSL->new connect.
# @tests is a flat list, so step through it three entries at a time.
for my $offset ( grep { $_ % 3 == 0 } 0 .. $#tests ) {
    my ( $name, $scheme, $result ) = @tests[ $offset .. $offset + 2 ];

    my $cl = IO::Socket::SSL->new(
        PeerAddr            => $saddr,
        Domain              => AF_INET,
        SSL_verify_mode     => 1,          # 1 == SSL_VERIFY_PEER
        SSL_verifycn_scheme => $scheme,
        # The name checked against the certificate is given explicitly; the
        # peer address is only the loopback host:port.
        SSL_verifycn_name   => $name,
    );

    if ( $result ne 'FAIL' ) {
        ok( $cl, "connection to $name/$scheme succeeded" );
    }
    else {
        # NOTE(review): any false $cl satisfies this, whatever the cause, so
        # an unreachable server would pass it as well; the OK rows in between
        # are what show the server is still answering.
        ok( !$cl, "connection to $name/$scheme failed" );
    }

    # No handle, nothing to read.
    next unless $cl;

    # A verified connection must deliver the server's greeting line.
    my $greeting = <$cl>;
    is( $greeting, "hallo\n", "received hallo" );
}

# Pass 2: the same table, but the TLS session is started on a plain TCP
# socket that is already connected. Name verification has to give the same
# verdicts on this path as on a direct connect.
for my $offset ( grep { $_ % 3 == 0 } 0 .. $#tests ) {
    my ( $name, $scheme, $result ) = @tests[ $offset .. $offset + 2 ];

    my $cl = IO::Socket::INET->new($saddr);
    ok( $cl, "tcp connect" );

    # Upgrade in place; the same variable is reused on purpose, so a failed
    # upgrade leaves it false.
    $cl = IO::Socket::SSL->start_SSL(
        $cl,
        SSL_verify_mode     => 1,          # 1 == SSL_VERIFY_PEER
        SSL_verifycn_scheme => $scheme,
        SSL_verifycn_name   => $name,
    );

    if ( $result ne 'FAIL' ) {
        ok( $cl, "ssl upgrade of connection to $name/$scheme succeeded" );
    }
    else {
        # NOTE(review): as in the first pass, a false $cl is accepted without
        # looking at the reason for the failure.
        ok( !$cl, "ssl upgrade of connection to $name/$scheme failed" );
    }

    # No handle, nothing to read.
    next unless $cl;

    # A verified connection must deliver the server's greeting line.
    my $greeting = <$cl>;
    is( $greeting, "hallo\n", "received hallo" );
}

# The server child loops forever, so stop it with signal 9 (SIGKILL) and reap
# it before the test script ends.
kill 9, $pid;
wait();