certificates/policy/options_117_test.go
Herman Slatman 5f0dc42b1e
Fix tests on Go 1.18 due to IDNA deviations
In Go 1.18 the behavior for looking up domains with non-ASCII
characters was changed to be in accordance with UTS#46
(https://unicode.org/reports/tr46/). There's a slight difference
in how IDNA2003 and IDNA2008 process these. Go 1.18 handles
the deviations in accordance with IDNA2008 now.
2022-03-31 17:16:11 +02:00

119 lines
2.6 KiB
Go

//go:build !go1.18
// +build !go1.18
package policy
import "testing"
func Test_normalizeAndValidateURIDomainConstraint(t *testing.T) {
tests := []struct {
name string
constraint string
want string
wantErr bool
}{
{
name: "fail/empty-constraint",
constraint: "",
want: "",
wantErr: true,
},
{
name: "fail/scheme-https",
constraint: `https://*.local`,
want: "",
wantErr: true,
},
{
name: "fail/too-many-asterisks",
constraint: "**.local",
want: "",
wantErr: true,
},
{
name: "fail/empty-label",
constraint: "..local",
want: "",
wantErr: true,
},
{
name: "fail/empty-reverse",
constraint: ".",
want: "",
wantErr: true,
},
{
name: "fail/domain-with-port",
constraint: "host.local:8443",
want: "",
wantErr: true,
},
{
name: "fail/ipv4",
constraint: "127.0.0.1",
want: "",
wantErr: true,
},
{
name: "fail/ipv6-brackets",
constraint: "[::1]",
want: "",
wantErr: true,
},
{
name: "fail/ipv6-no-brackets",
constraint: "::1",
want: "",
wantErr: true,
},
{
name: "fail/ipv6-no-brackets",
constraint: "[::1",
want: "",
wantErr: true,
},
{
name: "fail/idna-internationalized-domain-name-lookup",
constraint: `\00local`,
want: "",
wantErr: true,
},
{
name: "ok/wildcard",
constraint: "*.local",
want: ".local",
wantErr: false,
},
{
name: "ok/specific-domain",
constraint: "example.local",
want: "example.local",
wantErr: false,
},
{
name: "ok/idna-internationalized-domain-name-lookup",
constraint: `*.bücher.example.com`,
want: ".xn--bcher-kva.example.com",
wantErr: false,
},
{
// IDNA2003 vs. 2008 deviation: https://unicode.org/reports/tr46/#Deviations results
// in a difference between Go 1.18 and lower versions. Go 1.18 expects ".xn--fa-hia.de"; not .fass.de.
name: "ok/idna-internationalized-domain-name-lookup-deviation",
constraint: `*.faß.de`,
want: ".fass.de",
wantErr: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := normalizeAndValidateURIDomainConstraint(tt.constraint)
if (err != nil) != tt.wantErr {
t.Errorf("normalizeAndValidateURIDomainConstraint() error = %v, wantErr %v", err, tt.wantErr)
}
if got != tt.want {
t.Errorf("normalizeAndValidateURIDomainConstraint() = %v, want %v", got, tt.want)
}
})
}
}