[glib-networking] tests: updated server certificate and added UT for X509v3 SAN IP

[Dan Winship <danw src gnome org>]

commit 94c0f9b8e4d4d87a2e72ee34005a277b8e547a63
Author: Aleix Conchillo Flaqué <aconchillo gmail com>
Date:   Fri Jul 18 17:52:02 2014 +0200

    tests: updated server certificate and added UT for X509v3 SAN IP
    
    Updated server certificate by adding a X509v3 Subject Alternative Name
    using an IP address.
    
    A test case to verify that the IP is a valid identity for that
    certificate has been added.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=726596

 tls/tests/certificate.c            |    6 ++++++
 tls/tests/files/non-ca.pem         |   18 +++++++++---------
 tls/tests/files/server-and-key.pem |   32 ++++++++++++++++----------------
 tls/tests/files/server-key.der     |  Bin 320 -> 318 bytes
 tls/tests/files/server-key.pem     |   14 +++++++-------
 tls/tests/files/server.der         |  Bin 554 -> 571 bytes
 tls/tests/files/server.pem         |   18 +++++++++---------
 tls/tests/files/ssl/server.conf    |    4 ++++
 8 files changed, 51 insertions(+), 41 deletions(-)
---
diff --git a/tls/tests/certificate.c b/tls/tests/certificate.c
index bc18a08..56be9e1 100644
--- a/tls/tests/certificate.c
+++ b/tls/tests/certificate.c
@@ -307,6 +307,7 @@ static void
 test_verify_certificate_good (TestVerify      *test,
                               gconstpointer    data)
 {
+  GSocketConnectable *identity;
   GTlsCertificateFlags errors;
 
   errors = g_tls_certificate_verify (test->cert, test->identity, test->anchor);
@@ -314,6 +315,11 @@ test_verify_certificate_good (TestVerify      *test,
 
   errors = g_tls_certificate_verify (test->cert, NULL, test->anchor);
   g_assert_cmpuint (errors, ==, 0);
+
+  identity = g_network_address_new ("192.168.1.10", 80);
+  errors = g_tls_certificate_verify (test->cert, identity, test->anchor);
+  g_assert_cmpuint (errors, ==, 0);
+  g_object_unref (identity);
 }
 
 static void
diff --git a/tls/tests/files/non-ca.pem b/tls/tests/files/non-ca.pem
index 975ffba..2e990c2 100644
--- a/tls/tests/files/non-ca.pem
+++ b/tls/tests/files/non-ca.pem
@@ -60,18 +60,18 @@ H39pXiBnpiVmSaRUHMsszw==
 
 server.pem:
 -----BEGIN CERTIFICATE-----
-MIICJjCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
+MIICNzCCAaCgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
 ARkWA0NPTTEXMBUGCgmSJomT8ixkARkWB0VYQU1QTEUxHjAcBgNVBAsMFUNlcnRp
 ZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOY2EuZXhhbXBsZS5jb20xHTAbBgkq
-hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1MTU1MFoXDTM5MDcx
-MjE1MTU1MFowSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
+hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1NDg0M1oXDTM5MDcx
+MjE1NDg0M1owSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
 B0VYQU1QTEUxGzAZBgNVBAMMEnNlcnZlci5leGFtcGxlLmNvbTBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDAUI4hEDPatu3gIu+7GWekO2Rn5Dez761UKqO+BEzBPq+k
-0c4vM3zSxHSN+qs4GXo4c5NjE4B2bd4vBQbjdMxBAgMBAAGjIjAgMAkGA1UdEwQC
-MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADgYEAaoEumI8o
-7LvXVznbhf5kBfFRVzxfSNdT6x6FXsPuODFNmoZpCkAROvzE2wDJwaDnFs2M+Nv8
-EKSxfjGdhuDYkgxIAneKXBSokE4RSW6jiS7tY3q+ksi2RlhpObqLbH8D0TstnTIB
-8sY/g7RSIZajYAYNzlJjWWntiXZp/ASRpBc=
+DQEBAQUAA0sAMEgCQQDYr/S4UqathXoTeBKb94cGUHph+2Qtlap+eONpInhAsfka
+NovCeCUmjHS/pOBOsKAdyckLhb/BAabX4qgFwIcfAgMBAAGjMzAxMAkGA1UdEwQC
+MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0RBAgwBocEwKgBCjANBgkqhkiG
+9w0BAQsFAAOBgQA2DvQ4t6ScSANCWNpCwLlG/Mzmv/Nu/95pivh/MSJha1Cr2zLy
+6yyzi1atmSXhRcEn63dUoYuPdrd5P679fQVyepQ1EEksa9TaEaf8GcfUQFnBxrqq
+h/Uky1rKIhFkboLF+3yASZ/V70MYl+Rr8RNa2VKilKNh5rFw6tqg/sBiNw==
 -----END CERTIFICATE-----
 
 server-self.pem:
diff --git a/tls/tests/files/server-and-key.pem b/tls/tests/files/server-and-key.pem
index 6a5984c..b6ea2af 100644
--- a/tls/tests/files/server-and-key.pem
+++ b/tls/tests/files/server-and-key.pem
@@ -1,23 +1,23 @@
 -----BEGIN CERTIFICATE-----
-MIICJjCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
+MIICNzCCAaCgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
 ARkWA0NPTTEXMBUGCgmSJomT8ixkARkWB0VYQU1QTEUxHjAcBgNVBAsMFUNlcnRp
 ZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOY2EuZXhhbXBsZS5jb20xHTAbBgkq
-hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1MTU1MFoXDTM5MDcx
-MjE1MTU1MFowSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
+hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1NDg0M1oXDTM5MDcx
+MjE1NDg0M1owSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
 B0VYQU1QTEUxGzAZBgNVBAMMEnNlcnZlci5leGFtcGxlLmNvbTBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDAUI4hEDPatu3gIu+7GWekO2Rn5Dez761UKqO+BEzBPq+k
-0c4vM3zSxHSN+qs4GXo4c5NjE4B2bd4vBQbjdMxBAgMBAAGjIjAgMAkGA1UdEwQC
-MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADgYEAaoEumI8o
-7LvXVznbhf5kBfFRVzxfSNdT6x6FXsPuODFNmoZpCkAROvzE2wDJwaDnFs2M+Nv8
-EKSxfjGdhuDYkgxIAneKXBSokE4RSW6jiS7tY3q+ksi2RlhpObqLbH8D0TstnTIB
-8sY/g7RSIZajYAYNzlJjWWntiXZp/ASRpBc=
+DQEBAQUAA0sAMEgCQQDYr/S4UqathXoTeBKb94cGUHph+2Qtlap+eONpInhAsfka
+NovCeCUmjHS/pOBOsKAdyckLhb/BAabX4qgFwIcfAgMBAAGjMzAxMAkGA1UdEwQC
+MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0RBAgwBocEwKgBCjANBgkqhkiG
+9w0BAQsFAAOBgQA2DvQ4t6ScSANCWNpCwLlG/Mzmv/Nu/95pivh/MSJha1Cr2zLy
+6yyzi1atmSXhRcEn63dUoYuPdrd5P679fQVyepQ1EEksa9TaEaf8GcfUQFnBxrqq
+h/Uky1rKIhFkboLF+3yASZ/V70MYl+Rr8RNa2VKilKNh5rFw6tqg/sBiNw==
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAMBQjiEQM9q27eAi77sZZ6Q7ZGfkN7PvrVQqo74ETME+r6TRzi8z
-fNLEdI36qzgZejhzk2MTgHZt3i8FBuN0zEECAwEAAQJAb0GrF+GhvhQ6BYLwoZMO
-7GoXqirTNtufsKOCWvlt1hUEjZ4zkW5AV8H4p8Hn+Ts32juUAlqR9qC5BZWYIfYN
-aQIhAP9ow++v/XiHwY10Z41q4Qc0pNQDo0HsarsZLjXxaYN/AiEAwMJuCdIurAd5
-d5xVHsefJ770C23e3nLETd1cNop6kD8CIQCr/nv729LgKONxg5L8S54QASaCU5TM
-Hw3cwt84mkKItwIhAL8ynE9liiHdMCDykoP7YeTcxdloW/6uPAU4IrV+2l+lAiEA
-r1t5eaEdJHwNyefGFeMbPEy+UkUZY7qfp9eXmgarT7g=
+MIIBOgIBAAJBANiv9LhSpq2FehN4Epv3hwZQemH7ZC2Vqn5442kieECx+Ro2i8J4
+JSaMdL+k4E6woB3JyQuFv8EBptfiqAXAhx8CAwEAAQJAEMr6JTrKjhIVFuMsVggF
+39hm06ce6WV69Bg8T46LUUAVM39HdsNDIRkhYXExpQUmiYRFzcrLF1ot8S/4u889
+yQIhAOwDbAqT2QrEcGIWi8aZP1N5gDv8h67UcHBcftveklC7AiEA6wmPopj8qFoh
+/xM4GCKtdAYUdbfqUFMTFo7ZmD+Tvu0CIBafdVnGNkXL8qHUW22b/u/3c41MdY0S
+m/yJQTe+K/RFAiAoStxP0JBHwCPh2YadRJydrkkloSDPIl68WELfQc7vRQIhAM9E
+FvuChciFJzfnNNzKpH93hH9f2YMDsVWvgz0fIRz0
 -----END RSA PRIVATE KEY-----
diff --git a/tls/tests/files/server-key.der b/tls/tests/files/server-key.der
index cdca53c..31c1ea0 100644
Binary files a/tls/tests/files/server-key.der and b/tls/tests/files/server-key.der differ
diff --git a/tls/tests/files/server-key.pem b/tls/tests/files/server-key.pem
index 7f720a6..0f167a7 100644
--- a/tls/tests/files/server-key.pem
+++ b/tls/tests/files/server-key.pem
@@ -1,9 +1,9 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAMBQjiEQM9q27eAi77sZZ6Q7ZGfkN7PvrVQqo74ETME+r6TRzi8z
-fNLEdI36qzgZejhzk2MTgHZt3i8FBuN0zEECAwEAAQJAb0GrF+GhvhQ6BYLwoZMO
-7GoXqirTNtufsKOCWvlt1hUEjZ4zkW5AV8H4p8Hn+Ts32juUAlqR9qC5BZWYIfYN
-aQIhAP9ow++v/XiHwY10Z41q4Qc0pNQDo0HsarsZLjXxaYN/AiEAwMJuCdIurAd5
-d5xVHsefJ770C23e3nLETd1cNop6kD8CIQCr/nv729LgKONxg5L8S54QASaCU5TM
-Hw3cwt84mkKItwIhAL8ynE9liiHdMCDykoP7YeTcxdloW/6uPAU4IrV+2l+lAiEA
-r1t5eaEdJHwNyefGFeMbPEy+UkUZY7qfp9eXmgarT7g=
+MIIBOgIBAAJBANiv9LhSpq2FehN4Epv3hwZQemH7ZC2Vqn5442kieECx+Ro2i8J4
+JSaMdL+k4E6woB3JyQuFv8EBptfiqAXAhx8CAwEAAQJAEMr6JTrKjhIVFuMsVggF
+39hm06ce6WV69Bg8T46LUUAVM39HdsNDIRkhYXExpQUmiYRFzcrLF1ot8S/4u889
+yQIhAOwDbAqT2QrEcGIWi8aZP1N5gDv8h67UcHBcftveklC7AiEA6wmPopj8qFoh
+/xM4GCKtdAYUdbfqUFMTFo7ZmD+Tvu0CIBafdVnGNkXL8qHUW22b/u/3c41MdY0S
+m/yJQTe+K/RFAiAoStxP0JBHwCPh2YadRJydrkkloSDPIl68WELfQc7vRQIhAM9E
+FvuChciFJzfnNNzKpH93hH9f2YMDsVWvgz0fIRz0
 -----END RSA PRIVATE KEY-----
diff --git a/tls/tests/files/server.der b/tls/tests/files/server.der
index c87dba1..cbee9a6 100644
Binary files a/tls/tests/files/server.der and b/tls/tests/files/server.der differ
diff --git a/tls/tests/files/server.pem b/tls/tests/files/server.pem
index 144edb5..e749e63 100644
--- a/tls/tests/files/server.pem
+++ b/tls/tests/files/server.pem
@@ -1,14 +1,14 @@
 -----BEGIN CERTIFICATE-----
-MIICJjCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
+MIICNzCCAaCgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBhjETMBEGCgmSJomT8ixk
 ARkWA0NPTTEXMBUGCgmSJomT8ixkARkWB0VYQU1QTEUxHjAcBgNVBAsMFUNlcnRp
 ZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOY2EuZXhhbXBsZS5jb20xHTAbBgkq
-hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1MTU1MFoXDTM5MDcx
-MjE1MTU1MFowSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
+hkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tMB4XDTE0MDcxODE1NDg0M1oXDTM5MDcx
+MjE1NDg0M1owSzETMBEGCgmSJomT8ixkARkWA0NPTTEXMBUGCgmSJomT8ixkARkW
 B0VYQU1QTEUxGzAZBgNVBAMMEnNlcnZlci5leGFtcGxlLmNvbTBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDAUI4hEDPatu3gIu+7GWekO2Rn5Dez761UKqO+BEzBPq+k
-0c4vM3zSxHSN+qs4GXo4c5NjE4B2bd4vBQbjdMxBAgMBAAGjIjAgMAkGA1UdEwQC
-MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADgYEAaoEumI8o
-7LvXVznbhf5kBfFRVzxfSNdT6x6FXsPuODFNmoZpCkAROvzE2wDJwaDnFs2M+Nv8
-EKSxfjGdhuDYkgxIAneKXBSokE4RSW6jiS7tY3q+ksi2RlhpObqLbH8D0TstnTIB
-8sY/g7RSIZajYAYNzlJjWWntiXZp/ASRpBc=
+DQEBAQUAA0sAMEgCQQDYr/S4UqathXoTeBKb94cGUHph+2Qtlap+eONpInhAsfka
+NovCeCUmjHS/pOBOsKAdyckLhb/BAabX4qgFwIcfAgMBAAGjMzAxMAkGA1UdEwQC
+MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0RBAgwBocEwKgBCjANBgkqhkiG
+9w0BAQsFAAOBgQA2DvQ4t6ScSANCWNpCwLlG/Mzmv/Nu/95pivh/MSJha1Cr2zLy
+6yyzi1atmSXhRcEn63dUoYuPdrd5P679fQVyepQ1EEksa9TaEaf8GcfUQFnBxrqq
+h/Uky1rKIhFkboLF+3yASZ/V70MYl+Rr8RNa2VKilKNh5rFw6tqg/sBiNw==
 -----END CERTIFICATE-----
diff --git a/tls/tests/files/ssl/server.conf b/tls/tests/files/ssl/server.conf
index 1de63a8..6a98029 100644
--- a/tls/tests/files/ssl/server.conf
+++ b/tls/tests/files/ssl/server.conf
@@ -21,3 +21,7 @@ extendedKeyUsage        = serverAuth
 [ v3_req_ext ]
 basicConstraints        = CA:false
 extendedKeyUsage        = serverAuth
+subjectAltName          = @alt_names
+
+[ alt_names ]
+IP.0                    = 192.168.1.10