Skip to content

Commit

Permalink
HTTPCLIENT-2247: Test cases to document present assumptions about the…
Browse files Browse the repository at this point in the history
… correct handling of public domain suffixes
  • Loading branch information
ok2c committed Nov 13, 2022
1 parent 32228cd commit 0ca5635
Show file tree
Hide file tree
Showing 3 changed files with 39 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,8 @@ public void testGetDomainRootAnyType() {
Assertions.assertEquals("garbage", matcher.getDomainRoot("garbage.garbage"));
Assertions.assertEquals("garbage", matcher.getDomainRoot("*.garbage.garbage"));
Assertions.assertEquals("garbage", matcher.getDomainRoot("*.garbage.garbage.garbage"));

Assertions.assertEquals("*.compute-1.amazonaws.com", matcher.getDomainRoot("*.compute-1.amazonaws.com"));
}

@Test
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -254,6 +254,18 @@ public void testIdentityMatching() {

Assertions.assertFalse(DefaultHostnameVerifier.matchIdentity("a.b.c", "*.*.c"));
Assertions.assertFalse(DefaultHostnameVerifier.matchIdentityStrict("a.b.c", "*.*.c"));

Assertions.assertTrue(DefaultHostnameVerifier.matchIdentity("a.b.xxx.uk", "a.b.xxx.uk", publicSuffixMatcher));
Assertions.assertTrue(DefaultHostnameVerifier.matchIdentityStrict("a.b.xxx.uk", "a.b.xxx.uk", publicSuffixMatcher));

Assertions.assertTrue(DefaultHostnameVerifier.matchIdentity("a.b.xxx.uk", "*.b.xxx.uk", publicSuffixMatcher));
Assertions.assertTrue(DefaultHostnameVerifier.matchIdentityStrict("a.b.xxx.uk", "*.b.xxx.uk", publicSuffixMatcher));

Assertions.assertTrue(DefaultHostnameVerifier.matchIdentity("b.xxx.uk", "b.xxx.uk", publicSuffixMatcher));
Assertions.assertTrue(DefaultHostnameVerifier.matchIdentityStrict("b.xxx.uk", "b.xxx.uk", publicSuffixMatcher));

Assertions.assertFalse(DefaultHostnameVerifier.matchIdentity("b.xxx.uk", "*.xxx.uk", publicSuffixMatcher));
Assertions.assertFalse(DefaultHostnameVerifier.matchIdentityStrict("b.xxx.uk", "*.xxx.uk", publicSuffixMatcher));
}

@Test
Expand Down Expand Up @@ -426,6 +438,24 @@ public void testMatchDNSName() throws Exception {
"host.domain.com",
Collections.singletonList(SubjectName.DNS("some.other.com")),
publicSuffixMatcher));

DefaultHostnameVerifier.matchDNSName(
"host.ec2.compute-1.amazonaws.com",
Collections.singletonList(SubjectName.DNS("host.ec2.compute-1.amazonaws.com")),
publicSuffixMatcher);
DefaultHostnameVerifier.matchDNSName(
"host.ec2.compute-1.amazonaws.com",
Collections.singletonList(SubjectName.DNS("*.ec2.compute-1.amazonaws.com")),
publicSuffixMatcher);
DefaultHostnameVerifier.matchDNSName(
"ec2.compute-1.amazonaws.com",
Collections.singletonList(SubjectName.DNS("ec2.compute-1.amazonaws.com")),
publicSuffixMatcher);
Assertions.assertThrows(SSLException.class, () ->
DefaultHostnameVerifier.matchDNSName(
"ec2.compute-1.amazonaws.com",
Collections.singletonList(SubjectName.DNS("*.compute-1.amazonaws.com")),
publicSuffixMatcher));
}

}
}
6 changes: 6 additions & 0 deletions httpclient5/src/test/resources/suffixlistmatcher.txt
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,12 @@ xx
lan
appspot.com
s3.eu-central-1.amazonaws.com
*.compute.amazonaws.com
*.compute-1.amazonaws.com
*.compute.amazonaws.com.cn
us-east-1.amazonaws.com
*.xxx.uk

// ===END PRIVATE DOMAINS===

// ===BEGIN ICANN DOMAINS===
Expand Down

0 comments on commit 0ca5635

Please sign in to comment.