← Back to branch summary

~bzr-pqm/bzr/bzr.dev

« back to all changes in this revision

Viewing changes to bzrlib/tests/test_https_urllib.py

  • Committer: Richard Wilbur
  • Date: 2016-02-04 19:07:28 UTC
  • mto: This revision was merged to the branch mainline in revision 6618.
  • Revision ID: richard.wilbur@gmail.com-20160204190728-p0zvfii6zase0fw7
Update COPYING.txt from the original http://www.gnu.org/licenses/gpl-2.0.txt  (Only differences were in whitespace.)  Thanks to Petr Stodulka for pointing out the discrepancy.

Show diffs side-by-side

added added

removed removed

Lines of Context:
bzrlib/tests/test_https_urllib.py
1
 
# Copyright (C) 2011, 2012, 2013, 2016 Canonical Ltd
 
1
# Copyright (C) 2011,2012 Canonical Ltd
2
2
#
3
3
# This program is free software; you can redistribute it and/or modify
4
4
# it under the terms of the GNU General Public License as published by
19
19
"""
20
20
 
21
21
import os
22
 
import sys
 
22
import ssl
23
23
 
24
24
from bzrlib import (
25
25
    config,
26
26
    trace,
27
 
)
 
27
    )
28
28
from bzrlib.errors import (
 
29
    CertificateError,
29
30
    ConfigOptionValueError,
30
 
)
31
 
from bzrlib import tests
 
31
    )
 
32
from bzrlib.tests import (
 
33
    TestCase,
 
34
    TestCaseInTempDir,
 
35
    )
32
36
from bzrlib.transport.http import _urllib2_wrappers
33
 
from bzrlib.transport.http._urllib2_wrappers import ssl
34
 
 
35
 
 
36
 
class CaCertsConfigTests(tests.TestCaseInTempDir):
 
37
 
 
38
 
 
39
class CaCertsConfigTests(TestCaseInTempDir):
37
40
 
38
41
    def get_stack(self, content):
39
42
        return config.MemoryStack(content.encode('utf-8'))
47
50
        self.build_tree(['cacerts.pem'])
48
51
        path = os.path.join(self.test_dir, "cacerts.pem")
49
52
        stack = self.get_stack("ssl.ca_certs = %s\n" % path)
50
 
        self.assertEqual(path, stack.get('ssl.ca_certs'))
 
53
        self.assertEquals(path, stack.get('ssl.ca_certs'))
51
54
 
52
55
    def test_specified_doesnt_exist(self):
53
56
        stack = self.get_stack('')
55
58
        self.overrideAttr(_urllib2_wrappers.opt_ssl_ca_certs, 'default',
56
59
                          os.path.join(self.test_dir, u"nonexisting.pem"))
57
60
        self.warnings = []
58
 
 
59
61
        def warning(*args):
60
62
            self.warnings.append(args[0] % args[1:])
61
63
        self.overrideAttr(trace, 'warning', warning)
62
 
        self.assertEqual(None, stack.get('ssl.ca_certs'))
 
64
        self.assertEquals(None, stack.get('ssl.ca_certs'))
63
65
        self.assertLength(1, self.warnings)
64
66
        self.assertContainsRe(self.warnings[0],
65
67
                              "is not valid for \"ssl.ca_certs\"")
66
68
 
67
69
 
68
 
class CertReqsConfigTests(tests.TestCaseInTempDir):
 
70
class CertReqsConfigTests(TestCaseInTempDir):
69
71
 
70
72
    def test_default(self):
71
73
        stack = config.MemoryStack("")
72
 
        self.assertEqual(ssl.CERT_REQUIRED, stack.get("ssl.cert_reqs"))
 
74
        self.assertEquals(ssl.CERT_REQUIRED, stack.get("ssl.cert_reqs"))
73
75
 
74
76
    def test_from_string(self):
75
77
        stack = config.MemoryStack("ssl.cert_reqs = none\n")
76
 
        self.assertEqual(ssl.CERT_NONE, stack.get("ssl.cert_reqs"))
 
78
        self.assertEquals(ssl.CERT_NONE, stack.get("ssl.cert_reqs"))
77
79
        stack = config.MemoryStack("ssl.cert_reqs = required\n")
78
 
        self.assertEqual(ssl.CERT_REQUIRED, stack.get("ssl.cert_reqs"))
 
80
        self.assertEquals(ssl.CERT_REQUIRED, stack.get("ssl.cert_reqs"))
79
81
        stack = config.MemoryStack("ssl.cert_reqs = invalid\n")
80
82
        self.assertRaises(ConfigOptionValueError, stack.get, "ssl.cert_reqs")
81
83
 
82
84
 
83
 
class MatchHostnameTests(tests.TestCase):
84
 
 
85
 
    def setUp(self):
86
 
        super(MatchHostnameTests, self).setUp()
87
 
        if sys.version_info < (2, 7, 9):
88
 
            raise tests.TestSkipped(
89
 
                'python version too old to provide proper'
90
 
                ' https hostname verification')
 
85
class MatchHostnameTests(TestCase):
91
86
 
92
87
    def test_no_certificate(self):
93
88
        self.assertRaises(ValueError,
94
 
                          ssl.match_hostname, {}, "example.com")
 
89
                          _urllib2_wrappers.match_hostname, {}, "example.com")
95
90
 
96
91
    def test_wildcards_in_cert(self):
97
92
        def ok(cert, hostname):
98
 
            ssl.match_hostname(cert, hostname)
99
 
 
100
 
        def not_ok(cert, hostname):
101
 
            self.assertRaises(
102
 
                ssl.CertificateError,
103
 
                ssl.match_hostname, cert, hostname)
 
93
            _urllib2_wrappers.match_hostname(cert, hostname)
104
94
 
105
95
        # Python Issue #17980: avoid denials of service by refusing more than
106
96
        # one wildcard per fragment.
107
 
        ok({'subject': ((('commonName', 'a*b.com'),),)}, 'axxb.com')
108
 
        not_ok({'subject': ((('commonName', 'a*b.co*'),),)}, 'axxb.com')
109
 
        not_ok({'subject': ((('commonName', 'a*b*.com'),),)}, 'axxbxxc.com')
 
97
        cert = {'subject': ((('commonName', 'a*b.com'),),)}
 
98
        ok(cert, 'axxb.com')
 
99
        cert = {'subject': ((('commonName', 'a*b.co*'),),)}
 
100
        ok(cert, 'axxb.com')
 
101
        cert = {'subject': ((('commonName', 'a*b*.com'),),)}
 
102
        try:
 
103
            _urllib2_wrappers.match_hostname(cert, 'axxbxxc.com')
 
104
        except ValueError as e:
 
105
            self.assertIn("too many wildcards", str(e))
110
106
 
111
107
    def test_no_valid_attributes(self):
112
 
        self.assertRaises(ssl.CertificateError, ssl.match_hostname,
 
108
        self.assertRaises(CertificateError, _urllib2_wrappers.match_hostname,
113
109
                          {"Problem": "Solved"}, "example.com")
114
110
 
115
111
    def test_common_name(self):
116
112
        cert = {'subject': ((('commonName', 'example.com'),),)}
117
113
        self.assertIs(None,
118
 
                      ssl.match_hostname(cert, "example.com"))
119
 
        self.assertRaises(ssl.CertificateError, ssl.match_hostname,
 
114
                      _urllib2_wrappers.match_hostname(cert, "example.com"))
 
115
        self.assertRaises(CertificateError, _urllib2_wrappers.match_hostname,
120
116
                          cert, "example.org")