github.com/zmap/zlint@v1.1.0/lints/lint_dnsname_right_label_valid_tld_test.go (about) 1 package lints 2 3 /* 4 * ZLint Copyright 2018 Regents of the University of Michigan 5 * 6 * Licensed under the Apache License, Version 2.0 (the "License"); you may not 7 * use this file except in compliance with the License. You may obtain a copy 8 * of the License at http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 13 * implied. See the License for the specific language governing 14 * permissions and limitations under the License. 15 */ 16 17 import ( 18 "testing" 19 ) 20 21 func TestDNSNameValidTLD(t *testing.T) { 22 inputPath := "../testlint/testCerts/dnsNameValidTLD.pem" 23 expected := Pass 24 out := Lints["e_dnsname_not_valid_tld"].Execute(ReadCertificate(inputPath)) 25 if out.Status != expected { 26 t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status) 27 } 28 } 29 30 func TestDNSNameNotValidTLD(t *testing.T) { 31 inputPath := "../testlint/testCerts/dnsNameNotValidTLD.pem" 32 expected := Error 33 out := Lints["e_dnsname_not_valid_tld"].Execute(ReadCertificate(inputPath)) 34 if out.Status != expected { 35 t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status) 36 } 37 } 38 39 // TestDNSNameNotYetValidTLD lints a certificate that was issued for a DNS name 40 // with a TLD that was not yet delegated at the time the certificate was issued, 41 // expecting an error. 42 func TestDNSNameNotYetValidTLD(t *testing.T) { 43 inputPath := "../testlint/testCerts/dnsNameNotYetValidTLD.pem" 44 expected := Error 45 out := Lints["e_dnsname_not_valid_tld"].Execute(ReadCertificate(inputPath)) 46 if out.Status != expected { 47 t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status) 48 } 49 } 50 51 // TestDNSNAmeNoLongerValidTLD lints a certificate that was issued for a DNS 52 // name with a TLD whose delegation was removed from the root DNS at the time 53 // the certificate was issued, expecting an error. 54 func TestDNSNameNoLongerValidTLD(t *testing.T) { 55 inputPath := "../testlint/testCerts/dnsNameNoLongerValidTLD.pem" 56 expected := Error 57 out := Lints["e_dnsname_not_valid_tld"].Execute(ReadCertificate(inputPath)) 58 if out.Status != expected { 59 t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status) 60 } 61 } 62 63 // TestDNSNameWasValidTLD lints a certificate that was issued for a DNS name 64 // with a TLD whose delegation was removed from the root DNS, but not until 65 // after the certificate was issued, expecting no error. 66 func TestDNSNameWasValidTLD(t *testing.T) { 67 inputPath := "../testlint/testCerts/dnsNameWasValidTLD.pem" 68 expected := Pass 69 out := Lints["e_dnsname_not_valid_tld"].Execute(ReadCertificate(inputPath)) 70 if out.Status != expected { 71 t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status) 72 } 73 } 74 75 // TestDNSNameOnionTLD lints a certificate that was issued for a DNS name with 76 // a .onion TLD. This ensures the special casing of the .onion gTLD is handled 77 // correctly and isn't omitted simply because it is not an ICANN/IANA delegated 78 // TLD. 79 func TestDNSNameOnionTLD(t *testing.T) { 80 inputPath := "../testlint/testCerts/dnsNameOnionTLD.pem" 81 expected := Pass 82 out := Lints["e_dnsname_not_valid_tld"].Execute(ReadCertificate(inputPath)) 83 if out.Status != expected { 84 t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status) 85 } 86 } 87 88 func TestDNSNameWithIPInCommonName(t *testing.T) { 89 inputPath := "../testlint/testCerts/dnsNameWithIPInCN.pem" 90 expected := Pass 91 out := Lints["e_dnsname_not_valid_tld"].Execute(ReadCertificate(inputPath)) 92 if out.Status != expected { 93 t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status) 94 } 95 }