Snap for 7132927 from 309ac34aee99c50730e86058e8bc57c6cff32d34 to mainline-os-statsd-release
Change-Id: I1a7edcf2dabe4fa56f98f5be0c3b61aee403cd7e
diff --git a/harmony-tests/src/test/java/org/apache/harmony/tests/javax/net/ssl/HostnameVerifierTest.java b/harmony-tests/src/test/java/org/apache/harmony/tests/javax/net/ssl/HostnameVerifierTest.java
index 96384ad..44572ab 100644
--- a/harmony-tests/src/test/java/org/apache/harmony/tests/javax/net/ssl/HostnameVerifierTest.java
+++ b/harmony-tests/src/test/java/org/apache/harmony/tests/javax/net/ssl/HostnameVerifierTest.java
@@ -40,104 +40,6 @@
assertFalse(hv.verify("localhost", session));
}
- // copied and modified from apache http client test suite.
- public void testVerify() throws Exception {
- HostnameVerifier verifier = HttpsURLConnection.getDefaultHostnameVerifier();
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- InputStream in;
- X509Certificate x509;
- // CN=foo.com, no subjectAlt
- in = new ByteArrayInputStream(X509_FOO);
- x509 = (X509Certificate) cf.generateCertificate(in);
- mySSLSession session = new mySSLSession(new X509Certificate[] {x509});
- assertFalse(verifier.verify("foo.com", session));
- assertFalse(verifier.verify("a.foo.com", session));
- assertFalse(verifier.verify("bar.com", session));
-
- // CN=花子.co.jp, no subjectAlt
- in = new ByteArrayInputStream(X509_HANAKO);
- x509 = (X509Certificate) cf.generateCertificate(in);
- session = new mySSLSession(new X509Certificate[] {x509});
- assertFalse(verifier.verify("\u82b1\u5b50.co.jp", session));
- assertFalse(verifier.verify("a.\u82b1\u5b50.co.jp", session));
-
- // CN=foo.com, subjectAlt=bar.com
- in = new ByteArrayInputStream(X509_FOO_BAR);
- x509 = (X509Certificate) cf.generateCertificate(in);
- session = new mySSLSession(new X509Certificate[] {x509});
- assertFalse(verifier.verify("foo.com", session));
- assertFalse(verifier.verify("a.foo.com", session));
- assertTrue(verifier.verify("bar.com", session));
- assertFalse(verifier.verify("a.bar.com", session));
-
- // CN=foo.com, subjectAlt=bar.com, subjectAlt=花子.co.jp
- in = new ByteArrayInputStream(X509_FOO_BAR_HANAKO);
- x509 = (X509Certificate) cf.generateCertificate(in);
- session = new mySSLSession(new X509Certificate[] {x509});
- assertFalse(verifier.verify("foo.com", session));
- assertFalse(verifier.verify("a.foo.com", session));
- assertTrue(verifier.verify("bar.com", session));
- assertFalse(verifier.verify("a.bar.com", session));
- // The certificate has this name in the altnames section, but OkHostnameVerifier drops
- // any altnames that are improperly encoded according to RFC 5280, which requires
- // non-ASCII characters to be encoded in ASCII via Punycode.
- assertFalse(verifier.verify("\u82b1\u5b50.co.jp", session));
- assertFalse(verifier.verify("a.\u82b1\u5b50.co.jp", session));
-
- // no CN, subjectAlt=foo.com
- in = new ByteArrayInputStream(X509_NO_CNS_FOO);
- x509 = (X509Certificate) cf.generateCertificate(in);
- session = new mySSLSession(new X509Certificate[] {x509});
- assertTrue(verifier.verify("foo.com", session));
- assertFalse(verifier.verify("a.foo.com", session));
-
- // CN=foo.com, CN=bar.com, CN=花子.co.jp, no subjectAlt
- in = new ByteArrayInputStream(X509_THREE_CNS_FOO_BAR_HANAKO);
- x509 = (X509Certificate) cf.generateCertificate(in);
- session = new mySSLSession(new X509Certificate[] {x509});
- assertFalse(verifier.verify("foo.com", session));
- assertFalse(verifier.verify("a.foo.com", session));
- assertFalse(verifier.verify("bar.com", session));
- assertFalse(verifier.verify("a.bar.com", session));
- assertFalse(verifier.verify("\u82b1\u5b50.co.jp", session));
- assertFalse(verifier.verify("a.\u82b1\u5b50.co.jp", session));
-
- // CN=*.foo.com, no subjectAlt
- in = new ByteArrayInputStream(X509_WILD_FOO);
- x509 = (X509Certificate) cf.generateCertificate(in);
- session = new mySSLSession(new X509Certificate[] {x509});
- assertFalse(verifier.verify("foo.com", session));
- assertFalse(verifier.verify("www.foo.com", session));
- assertFalse(verifier.verify("\u82b1\u5b50.foo.com", session));
- assertFalse(verifier.verify("a.b.foo.com", session));
-
- // CN=*.co.jp, no subjectAlt
- in = new ByteArrayInputStream(X509_WILD_CO_JP);
- x509 = (X509Certificate) cf.generateCertificate(in);
- session = new mySSLSession(new X509Certificate[] {x509});
- assertFalse(verifier.verify("foo.co.jp", session));
- assertFalse(verifier.verify("\u82b1\u5b50.co.jp", session));
-
- // CN=*.foo.com, subjectAlt=*.bar.com, subjectAlt=花子.co.jp
- in = new ByteArrayInputStream(X509_WILD_FOO_BAR_HANAKO);
- x509 = (X509Certificate) cf.generateCertificate(in);
- session = new mySSLSession(new X509Certificate[] {x509});
- // try the foo.com variations
- assertFalse(verifier.verify("foo.com", session));
- assertFalse(verifier.verify("www.foo.com", session));
- assertFalse(verifier.verify("\u82b1\u5b50.foo.com", session));
- assertFalse(verifier.verify("a.b.foo.com", session));
- assertFalse(verifier.verify("bar.com", session));
- assertTrue(verifier.verify("www.bar.com", session));
- assertFalse(verifier.verify("a.b.bar.com", session));
- // The certificate has this name in the altnames section, but OkHostnameVerifier drops
- // any altnames that are improperly encoded according to RFC 5280, which requires
- // non-ASCII characters to be encoded in ASCII via Punycode.
- assertFalse(verifier.verify("\u82b1\u5b50.bar.com", session));
- assertFalse(verifier.verify("\u82b1\u5b50.co.jp", session));
- assertFalse(verifier.verify("a.\u82b1\u5b50.co.jp", session));
- }
-
public void testSubjectAlt() throws Exception {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream in = new ByteArrayInputStream(X509_MULTIPLE_SUBJECT_ALT);
