diff --git a/policy/options_117_test.go b/policy/options_117_test.go new file mode 100644 index 00000000..bd3d287d --- /dev/null +++ b/policy/options_117_test.go @@ -0,0 +1,119 @@ +//go:build !go1.18 +// +build !go1.18 + +package policy + +import "testing" + +func Test_normalizeAndValidateURIDomainConstraint(t *testing.T) { + tests := []struct { + name string + constraint string + want string + wantErr bool + }{ + { + name: "fail/empty-constraint", + constraint: "", + want: "", + wantErr: true, + }, + { + name: "fail/scheme-https", + constraint: `https://*.local`, + want: "", + wantErr: true, + }, + { + name: "fail/too-many-asterisks", + constraint: "**.local", + want: "", + wantErr: true, + }, + { + name: "fail/empty-label", + constraint: "..local", + want: "", + wantErr: true, + }, + { + name: "fail/empty-reverse", + constraint: ".", + want: "", + wantErr: true, + }, + { + name: "fail/domain-with-port", + constraint: "host.local:8443", + want: "", + wantErr: true, + }, + { + name: "fail/ipv4", + constraint: "127.0.0.1", + want: "", + wantErr: true, + }, + { + name: "fail/ipv6-brackets", + constraint: "[::1]", + want: "", + wantErr: true, + }, + { + name: "fail/ipv6-no-brackets", + constraint: "::1", + want: "", + wantErr: true, + }, + { + name: "fail/ipv6-no-brackets", + constraint: "[::1", + want: "", + wantErr: true, + }, + { + name: "fail/idna-internationalized-domain-name-lookup", + constraint: `\00local`, + want: "", + wantErr: true, + }, + { + name: "ok/wildcard", + constraint: "*.local", + want: ".local", + wantErr: false, + }, + { + name: "ok/specific-domain", + constraint: "example.local", + want: "example.local", + wantErr: false, + }, + { + name: "ok/idna-internationalized-domain-name-lookup", + constraint: `*.bücher.example.com`, + want: ".xn--bcher-kva.example.com", + wantErr: false, + }, + { + // IDNA2003 vs. 2008 deviation: https://unicode.org/reports/tr46/#Deviations results + // in a difference between Go 1.18 and lower versions. Go 1.18 expects ".xn--fa-hia.de"; not .fass.de. + name: "ok/idna-internationalized-domain-name-lookup-deviation", + constraint: `*.faß.de`, + want: ".fass.de", + wantErr: false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := normalizeAndValidateURIDomainConstraint(tt.constraint) + if (err != nil) != tt.wantErr { + t.Errorf("normalizeAndValidateURIDomainConstraint() error = %v, wantErr %v", err, tt.wantErr) + } + if got != tt.want { + t.Errorf("normalizeAndValidateURIDomainConstraint() = %v, want %v", got, tt.want) + } + }) + } +} diff --git a/policy/options_118_test.go b/policy/options_118_test.go new file mode 100644 index 00000000..059f1177 --- /dev/null +++ b/policy/options_118_test.go @@ -0,0 +1,119 @@ +//go:build go1.18 +// +build go1.18 + +package policy + +import "testing" + +func Test_normalizeAndValidateURIDomainConstraint(t *testing.T) { + tests := []struct { + name string + constraint string + want string + wantErr bool + }{ + { + name: "fail/empty-constraint", + constraint: "", + want: "", + wantErr: true, + }, + { + name: "fail/scheme-https", + constraint: `https://*.local`, + want: "", + wantErr: true, + }, + { + name: "fail/too-many-asterisks", + constraint: "**.local", + want: "", + wantErr: true, + }, + { + name: "fail/empty-label", + constraint: "..local", + want: "", + wantErr: true, + }, + { + name: "fail/empty-reverse", + constraint: ".", + want: "", + wantErr: true, + }, + { + name: "fail/domain-with-port", + constraint: "host.local:8443", + want: "", + wantErr: true, + }, + { + name: "fail/ipv4", + constraint: "127.0.0.1", + want: "", + wantErr: true, + }, + { + name: "fail/ipv6-brackets", + constraint: "[::1]", + want: "", + wantErr: true, + }, + { + name: "fail/ipv6-no-brackets", + constraint: "::1", + want: "", + wantErr: true, + }, + { + name: "fail/ipv6-no-brackets", + constraint: "[::1", + want: "", + wantErr: true, + }, + { + name: "fail/idna-internationalized-domain-name-lookup", + constraint: `\00local`, + want: "", + wantErr: true, + }, + { + name: "ok/wildcard", + constraint: "*.local", + want: ".local", + wantErr: false, + }, + { + name: "ok/specific-domain", + constraint: "example.local", + want: "example.local", + wantErr: false, + }, + { + name: "ok/idna-internationalized-domain-name-lookup", + constraint: `*.bücher.example.com`, + want: ".xn--bcher-kva.example.com", + wantErr: false, + }, + { + // IDNA2003 vs. 2008 deviation: https://unicode.org/reports/tr46/#Deviations results + // in a difference between Go 1.18 and lower versions. Go 1.18 expects ".xn--fa-hia.de"; not .fass.de. + name: "ok/idna-internationalized-domain-name-lookup-deviation", + constraint: `*.faß.de`, + want: ".xn--fa-hia.de", + wantErr: false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := normalizeAndValidateURIDomainConstraint(tt.constraint) + if (err != nil) != tt.wantErr { + t.Errorf("normalizeAndValidateURIDomainConstraint() error = %v, wantErr %v", err, tt.wantErr) + } + if got != tt.want { + t.Errorf("normalizeAndValidateURIDomainConstraint() = %v, want %v", got, tt.want) + } + }) + } +} diff --git a/policy/options_test.go b/policy/options_test.go index 8a64f282..b7390545 100644 --- a/policy/options_test.go +++ b/policy/options_test.go @@ -184,117 +184,6 @@ func Test_normalizeAndValidateEmailConstraint(t *testing.T) { } } -func Test_normalizeAndValidateURIDomainConstraint(t *testing.T) { - tests := []struct { - name string - constraint string - want string - wantErr bool - }{ - { - name: "fail/empty-constraint", - constraint: "", - want: "", - wantErr: true, - }, - { - name: "fail/scheme-https", - constraint: `https://*.local`, - want: "", - wantErr: true, - }, - { - name: "fail/too-many-asterisks", - constraint: "**.local", - want: "", - wantErr: true, - }, - { - name: "fail/empty-label", - constraint: "..local", - want: "", - wantErr: true, - }, - { - name: "fail/empty-reverse", - constraint: ".", - want: "", - wantErr: true, - }, - { - name: "fail/domain-with-port", - constraint: "host.local:8443", - want: "", - wantErr: true, - }, - { - name: "fail/ipv4", - constraint: "127.0.0.1", - want: "", - wantErr: true, - }, - { - name: "fail/ipv6-brackets", - constraint: "[::1]", - want: "", - wantErr: true, - }, - { - name: "fail/ipv6-no-brackets", - constraint: "::1", - want: "", - wantErr: true, - }, - { - name: "fail/ipv6-no-brackets", - constraint: "[::1", - want: "", - wantErr: true, - }, - { - name: "fail/idna-internationalized-domain-name-lookup", - constraint: `\00local`, - want: "", - wantErr: true, - }, - { - name: "ok/wildcard", - constraint: "*.local", - want: ".local", - wantErr: false, - }, - { - name: "ok/specific-domain", - constraint: "example.local", - want: "example.local", - wantErr: false, - }, - { - name: "ok/idna-internationalized-domain-name-lookup", - constraint: `*.bücher.example.com`, - want: ".xn--bcher-kva.example.com", - wantErr: false, - }, - { - name: "ok/idna-internationalized-domain-name-lookup-deviation", - constraint: `*.faß.de`, - want: ".fass.de", // IDNA2003 vs. 2008 deviation: https://unicode.org/reports/tr46/#Deviations - wantErr: false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - got, err := normalizeAndValidateURIDomainConstraint(tt.constraint) - if (err != nil) != tt.wantErr { - t.Errorf("normalizeAndValidateURIDomainConstraint() error = %v, wantErr %v", err, tt.wantErr) - } - if got != tt.want { - t.Errorf("normalizeAndValidateURIDomainConstraint() = %v, want %v", got, tt.want) - } - }) - } -} - func TestNew(t *testing.T) { type test struct { options []NamePolicyOption