HTTPCLIENT-2247: Test cases to document present assumptions about the correct handling of public domain suffixes
This commit is contained in:
parent
32228cd4ff
commit
0ca5635898
|
@ -72,6 +72,8 @@ public class TestPublicSuffixMatcher {
|
||||||
Assertions.assertEquals("garbage", matcher.getDomainRoot("garbage.garbage"));
|
Assertions.assertEquals("garbage", matcher.getDomainRoot("garbage.garbage"));
|
||||||
Assertions.assertEquals("garbage", matcher.getDomainRoot("*.garbage.garbage"));
|
Assertions.assertEquals("garbage", matcher.getDomainRoot("*.garbage.garbage"));
|
||||||
Assertions.assertEquals("garbage", matcher.getDomainRoot("*.garbage.garbage.garbage"));
|
Assertions.assertEquals("garbage", matcher.getDomainRoot("*.garbage.garbage.garbage"));
|
||||||
|
|
||||||
|
Assertions.assertEquals("*.compute-1.amazonaws.com", matcher.getDomainRoot("*.compute-1.amazonaws.com"));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
|
@ -254,6 +254,18 @@ public class TestDefaultHostnameVerifier {
|
||||||
|
|
||||||
Assertions.assertFalse(DefaultHostnameVerifier.matchIdentity("a.b.c", "*.*.c"));
|
Assertions.assertFalse(DefaultHostnameVerifier.matchIdentity("a.b.c", "*.*.c"));
|
||||||
Assertions.assertFalse(DefaultHostnameVerifier.matchIdentityStrict("a.b.c", "*.*.c"));
|
Assertions.assertFalse(DefaultHostnameVerifier.matchIdentityStrict("a.b.c", "*.*.c"));
|
||||||
|
|
||||||
|
Assertions.assertTrue(DefaultHostnameVerifier.matchIdentity("a.b.xxx.uk", "a.b.xxx.uk", publicSuffixMatcher));
|
||||||
|
Assertions.assertTrue(DefaultHostnameVerifier.matchIdentityStrict("a.b.xxx.uk", "a.b.xxx.uk", publicSuffixMatcher));
|
||||||
|
|
||||||
|
Assertions.assertTrue(DefaultHostnameVerifier.matchIdentity("a.b.xxx.uk", "*.b.xxx.uk", publicSuffixMatcher));
|
||||||
|
Assertions.assertTrue(DefaultHostnameVerifier.matchIdentityStrict("a.b.xxx.uk", "*.b.xxx.uk", publicSuffixMatcher));
|
||||||
|
|
||||||
|
Assertions.assertTrue(DefaultHostnameVerifier.matchIdentity("b.xxx.uk", "b.xxx.uk", publicSuffixMatcher));
|
||||||
|
Assertions.assertTrue(DefaultHostnameVerifier.matchIdentityStrict("b.xxx.uk", "b.xxx.uk", publicSuffixMatcher));
|
||||||
|
|
||||||
|
Assertions.assertFalse(DefaultHostnameVerifier.matchIdentity("b.xxx.uk", "*.xxx.uk", publicSuffixMatcher));
|
||||||
|
Assertions.assertFalse(DefaultHostnameVerifier.matchIdentityStrict("b.xxx.uk", "*.xxx.uk", publicSuffixMatcher));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -426,6 +438,24 @@ public class TestDefaultHostnameVerifier {
|
||||||
"host.domain.com",
|
"host.domain.com",
|
||||||
Collections.singletonList(SubjectName.DNS("some.other.com")),
|
Collections.singletonList(SubjectName.DNS("some.other.com")),
|
||||||
publicSuffixMatcher));
|
publicSuffixMatcher));
|
||||||
|
|
||||||
|
DefaultHostnameVerifier.matchDNSName(
|
||||||
|
"host.ec2.compute-1.amazonaws.com",
|
||||||
|
Collections.singletonList(SubjectName.DNS("host.ec2.compute-1.amazonaws.com")),
|
||||||
|
publicSuffixMatcher);
|
||||||
|
DefaultHostnameVerifier.matchDNSName(
|
||||||
|
"host.ec2.compute-1.amazonaws.com",
|
||||||
|
Collections.singletonList(SubjectName.DNS("*.ec2.compute-1.amazonaws.com")),
|
||||||
|
publicSuffixMatcher);
|
||||||
|
DefaultHostnameVerifier.matchDNSName(
|
||||||
|
"ec2.compute-1.amazonaws.com",
|
||||||
|
Collections.singletonList(SubjectName.DNS("ec2.compute-1.amazonaws.com")),
|
||||||
|
publicSuffixMatcher);
|
||||||
|
Assertions.assertThrows(SSLException.class, () ->
|
||||||
|
DefaultHostnameVerifier.matchDNSName(
|
||||||
|
"ec2.compute-1.amazonaws.com",
|
||||||
|
Collections.singletonList(SubjectName.DNS("*.compute-1.amazonaws.com")),
|
||||||
|
publicSuffixMatcher));
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
|
@ -28,6 +28,12 @@ xx
|
||||||
lan
|
lan
|
||||||
appspot.com
|
appspot.com
|
||||||
s3.eu-central-1.amazonaws.com
|
s3.eu-central-1.amazonaws.com
|
||||||
|
*.compute.amazonaws.com
|
||||||
|
*.compute-1.amazonaws.com
|
||||||
|
*.compute.amazonaws.com.cn
|
||||||
|
us-east-1.amazonaws.com
|
||||||
|
*.xxx.uk
|
||||||
|
|
||||||
// ===END PRIVATE DOMAINS===
|
// ===END PRIVATE DOMAINS===
|
||||||
|
|
||||||
// ===BEGIN ICANN DOMAINS===
|
// ===BEGIN ICANN DOMAINS===
|
||||||
|
|
Loading…
Reference in New Issue