Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Add TargetHostName to QuicConnection #84976

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 12 commits into from
Apr 25, 2023
Merged

Add TargetHostName to QuicConnection #84976

Changes from 1 commit
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
40bce02
Add TargetHostName to QuicConnection
rzikm Apr 18, 2023
d6bd50e
Make TargetHostName not nullable
rzikm Apr 18, 2023
40af6e3
Fix build
rzikm Apr 18, 2023
f34abe2
Fix build of tests
rzikm Apr 18, 2023
d76cb1e
Fix failing tests
rzikm Apr 18, 2023
04dcff6
Code review feedback
rzikm Apr 20, 2023
a5c124b
Use unencoded hostname in user-facing properties/params
rzikm Apr 21, 2023
aae6f48
Fix failing tests
rzikm Apr 21, 2023
2fb014a
Revert unwanted changes
rzikm Apr 21, 2023
98b827b
Add test for IDN cert validation
rzikm Apr 21, 2023
15aa758
Fix test again
rzikm Apr 21, 2023
995949a
Fix trailing dot in hostname
rzikm Apr 24, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Add test for IDN cert validation
  • Loading branch information
@rzikm
rzikm committed Apr 21, 2023
commit 98b827b31a2751ad63e52c1ef4afccdbd184f417
45 changes: 45 additions & 0 deletions src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSniTest.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
using System.IO;
using System.Linq;
using System.Net.Test.Common;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.Threading;
Expand Down Expand Up @@ -235,6 +236,49 @@ await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
}
}

[Fact]
public async Task UnencodedHostName_ValidatesCertificate()
{
string rawHostname = "räksmörgås.josefsson.org";
string punycodeHostname = "xn--rksmrgs-5wao1o.josefsson.org";

var (serverCert, serverChain) = TestHelper.GenerateCertificates(punycodeHostname);
try
{
SslServerAuthenticationOptions serverOptions = new SslServerAuthenticationOptions()
{
ServerCertificateContext = SslStreamCertificateContext.Create(serverCert, serverChain),
};

SslClientAuthenticationOptions clientOptions = new ()
{
TargetHost = rawHostname,
CertificateChainPolicy = new X509ChainPolicy()
{
RevocationMode = X509RevocationMode.NoCheck,
TrustMode = X509ChainTrustMode.CustomRootTrust,
CustomTrustStore = { serverChain[serverChain.Count - 1] }
}
};

(SslStream client, SslStream server) = TestHelper.GetConnectedSslStreams();

await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
client.AuthenticateAsClientAsync(clientOptions, default),
server.AuthenticateAsServerAsync(serverOptions, default));

await TestHelper.PingPong(client, server, default);
Assert.Equal(rawHostname, server.TargetHostName);
Assert.Equal(rawHostname, client.TargetHostName);
}
finally
{
serverCert.Dispose();
foreach (var c in serverChain) c.Dispose();
TestHelper.CleanupCertificates(rawHostname);
}
}

[Theory]
[InlineData("www-.volal.cz")]
[InlineData("www-.colorhexa.com")]
Expand Down Expand Up @@ -263,6 +307,7 @@ await TestConfiguration.WhenAllOrAnyFailedWithTimeout(

await TestHelper.PingPong(client, server, default);
Assert.Equal(name, server.TargetHostName);
Assert.Equal(name, client.TargetHostName);
}
}

Expand Down