identification: Optionally match RDNs in any order and accept missing RDNs
[thirdparty/strongswan.git] / src / libstrongswan / tests / suites / test_identification.c
index feadcc9d93b3e4f2516134000188a6fba7df02f2..8560f9ea7c7b979be357d4187da8c28ee8f2ccb4 100644 (file)
@@ -626,23 +626,111 @@ static bool id_matches(identification_t *a, char *b_str, id_match_t expected)
        return match == expected;
 }
 
+static char* rdn_matching[] = { NULL, "reordered", "relaxed" };
+
+static struct {
+       char *id;
+       id_match_t match[3];
+} matches_data[] = {
+       /* C=CH, E=moon@strongswan.org, CN=moon */
+       { "C=CH, E=moon@strongswan.org, CN=moon", {
+               ID_MATCH_PERFECT, ID_MATCH_PERFECT, ID_MATCH_PERFECT }},
+       { "C=CH, email=moon@strongswan.org, CN=moon", {
+               ID_MATCH_PERFECT, ID_MATCH_PERFECT, ID_MATCH_PERFECT }},
+       { "C=CH, emailAddress=moon@strongswan.org, CN=moon", {
+               ID_MATCH_PERFECT, ID_MATCH_PERFECT, ID_MATCH_PERFECT }},
+       { "CN=moon, C=CH, E=moon@strongswan.org", {
+               ID_MATCH_NONE, ID_MATCH_PERFECT, ID_MATCH_PERFECT }},
+       { "C=CH, E=*@strongswan.org, CN=moon", {
+               ID_MATCH_NONE, ID_MATCH_NONE, ID_MATCH_NONE }},
+       { "C=CH, E=*, CN=moon", {
+               ID_MATCH_ONE_WILDCARD, ID_MATCH_ONE_WILDCARD, ID_MATCH_ONE_WILDCARD }},
+       { "C=CH, E=*, CN=*", {
+               ID_MATCH_ONE_WILDCARD - 1, ID_MATCH_ONE_WILDCARD - 1, ID_MATCH_ONE_WILDCARD - 1 }},
+       { "C=*, E=*, CN=*", {
+               ID_MATCH_ONE_WILDCARD - 2, ID_MATCH_ONE_WILDCARD - 2, ID_MATCH_ONE_WILDCARD - 2 }},
+       { "C=*, E=*, CN=*, O=BADInc", {
+               ID_MATCH_NONE, ID_MATCH_NONE, ID_MATCH_NONE }},
+       { "C=CH, CN=*", {
+               ID_MATCH_NONE, ID_MATCH_NONE, ID_MATCH_ONE_WILDCARD - 1 }},
+       { "C=*, E=*", {
+               ID_MATCH_NONE, ID_MATCH_NONE, ID_MATCH_ONE_WILDCARD - 2 }},
+       { "C=*, E=a@b.c, CN=*", {
+               ID_MATCH_NONE, ID_MATCH_NONE, ID_MATCH_NONE }},
+       { "C=CH, O=strongSwan, E=*, CN=*", {
+               ID_MATCH_NONE, ID_MATCH_NONE, ID_MATCH_NONE }},
+       { "", {
+               ID_MATCH_ANY, ID_MATCH_ANY, ID_MATCH_ANY }},
+       { "%any", {
+               ID_MATCH_ANY, ID_MATCH_ANY, ID_MATCH_ANY }},
+};
+
 START_TEST(test_matches)
 {
        identification_t *a;
+       int i;
+
+       if (rdn_matching[_i])
+       {
+               lib->settings->set_str(lib->settings, "%s.rdn_matching",
+                                                          rdn_matching[_i], lib->ns);
+       }
 
        a = identification_create_from_string("C=CH, E=moon@strongswan.org, CN=moon");
 
-       ck_assert(id_matches(a, "C=CH, E=moon@strongswan.org, CN=moon", ID_MATCH_PERFECT));
-       ck_assert(id_matches(a, "C=CH, email=moon@strongswan.org, CN=moon", ID_MATCH_PERFECT));
-       ck_assert(id_matches(a, "C=CH, emailAddress=moon@strongswan.org, CN=moon", ID_MATCH_PERFECT));
-       ck_assert(id_matches(a, "C=CH, E=*@strongswan.org, CN=moon", ID_MATCH_NONE));
-       ck_assert(id_matches(a, "C=CH, E=*, CN=moon", ID_MATCH_ONE_WILDCARD));
-       ck_assert(id_matches(a, "C=CH, E=*, CN=*", ID_MATCH_ONE_WILDCARD - 1));
-       ck_assert(id_matches(a, "C=*, E=*, CN=*", ID_MATCH_ONE_WILDCARD - 2));
-       ck_assert(id_matches(a, "C=*, E=*, CN=*, O=BADInc", ID_MATCH_NONE));
-       ck_assert(id_matches(a, "C=*, E=*", ID_MATCH_NONE));
-       ck_assert(id_matches(a, "C=*, E=a@b.c, CN=*", ID_MATCH_NONE));
-       ck_assert(id_matches(a, "%any", ID_MATCH_ANY));
+       for (i = 0; i < countof(matches_data); i++)
+       {
+               ck_assert(id_matches(a, matches_data[i].id, matches_data[i].match[_i]));
+       }
+
+       a->destroy(a);
+}
+END_TEST
+
+static struct {
+       char *id;
+       id_match_t match[3];
+} matches_two_ou_data[] = {
+       /* C=CH, OU=Research, OU=Floor A, CN=moon */
+       { "C=CH, OU=Research, OU=Floor A, CN=moon", {
+               ID_MATCH_PERFECT, ID_MATCH_PERFECT, ID_MATCH_PERFECT }},
+       { "C=CH, OU=Floor A, CN=moon", {
+               ID_MATCH_NONE, ID_MATCH_NONE, ID_MATCH_ONE_WILDCARD }},
+       { "C=CH, CN=moon", {
+               ID_MATCH_NONE, ID_MATCH_NONE, ID_MATCH_ONE_WILDCARD - 1 }},
+       { "C=CH, OU=*, CN=moon", {
+               ID_MATCH_NONE, ID_MATCH_NONE, ID_MATCH_ONE_WILDCARD - 1 }},
+       { "C=CH, OU=*, OU=*, CN=moon", {
+               ID_MATCH_ONE_WILDCARD - 1, ID_MATCH_ONE_WILDCARD - 1, ID_MATCH_ONE_WILDCARD - 1 }},
+       { "C=CH, OU=Research, OU=*, CN=moon", {
+               ID_MATCH_ONE_WILDCARD, ID_MATCH_ONE_WILDCARD, ID_MATCH_ONE_WILDCARD }},
+       { "C=CH, OU=*, OU=Floor A, CN=moon", {
+               ID_MATCH_ONE_WILDCARD, ID_MATCH_ONE_WILDCARD, ID_MATCH_ONE_WILDCARD }},
+       { "C=CH, OU=*, OU=Research, CN=moon", {
+               ID_MATCH_NONE, ID_MATCH_ONE_WILDCARD, ID_MATCH_ONE_WILDCARD }},
+       { "C=CH, OU=Floor A, OU=*, CN=moon", {
+               ID_MATCH_NONE, ID_MATCH_ONE_WILDCARD, ID_MATCH_ONE_WILDCARD }},
+       { "C=CH, OU=Floor A, OU=Research, CN=moon", {
+               ID_MATCH_NONE, ID_MATCH_PERFECT, ID_MATCH_PERFECT }},
+};
+
+START_TEST(test_matches_two_ou)
+{
+       identification_t *a;
+       int i;
+
+       if (rdn_matching[_i])
+       {
+               lib->settings->set_str(lib->settings, "%s.rdn_matching",
+                                                          rdn_matching[_i], lib->ns);
+       }
+
+       a = identification_create_from_string("C=CH, OU=Research, OU=Floor A, CN=moon");
+
+       for (i = 0; i < countof(matches_two_ou_data); i++)
+       {
+               ck_assert(id_matches(a, matches_two_ou_data[i].id, matches_two_ou_data[i].match[_i]));
+       }
 
        a->destroy(a);
 }
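Review bot: Neither `matches_data` nor `matches_two_ou_data` has a negative case that combines the new behaviour with a wrong value: every reordered pattern and every pattern with missing RDNs uses only matching or wildcard values. Since the reordered and relaxed modes widen which identities match a configured pattern, I would add rows that pin the refusals, for example `{ "CN=sun, C=CH, E=moon@strongswan.org", { ID_MATCH_NONE, ID_MATCH_NONE, ID_MATCH_NONE }},` and `{ "C=DE, CN=*", { ID_MATCH_NONE, ID_MATCH_NONE, ID_MATCH_NONE }},`. These are constructed examples, and the expected values assume that a differing RDN value must never match in any mode. Separately, both tests set `%s.rdn_matching` and never clear it, so if `lib->settings` outlives a single test in this runner (which the hunk does not show), later identity tests would run with relaxed matching.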
@@ -1094,7 +1182,8 @@ Suite *identification_suite_create()
        suite_add_tcase(s, tc);
 
        tc = tcase_create("matches");
-       tcase_add_test(tc, test_matches);
+       tcase_add_loop_test(tc, test_matches, 0, countof(rdn_matching));
+       tcase_add_loop_test(tc, test_matches_two_ou, 0, countof(rdn_matching));
        tcase_add_test(tc, test_matches_any);
        tcase_add_test(tc, test_matches_binary);
        tcase_add_test(tc, test_matches_range);
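Review bot: The loop bound `countof(rdn_matching)` on the two `tcase_add_loop_test` lines is not tied to the `id_match_t match[3]` arrays that the tests index with `_i`, so adding a fourth mode to `rdn_matching` would read past `match`. Declaring the field as `id_match_t match[countof(rdn_matching)];` in both tables keeps them in step, provided `countof` expands to a constant expression here. A missing initializer would then be zero-filled and show up as a failed assertion instead of an out-of-bounds read. `identification_suite_create` starts and ends outside this hunk.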