~bzr-pqm/bzr/bzr.dev


Viewing changes to bzrlib/tests/test_https_urllib.py

  • Committer: Patch Queue Manager
  • Date: 2016-01-31 13:36:59 UTC
  • mfrom: (6613.1.5 1538480-match-hostname)
  • Revision ID: pqm@pqm.ubuntu.com-20160131133659-ouy92ee2wlv9xz8m
(vila) Use ssl.match_hostname instead of our own. (Vincent Ladeuil)

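--- a/bzrlib/tests/test_https_urllib.py
+++ b/bzrlib/tests/test_https_urllib.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2011,2012 Canonical Ltd
+# Copyright (C) 2011, 2012, 2013, 2016 Canonical Ltd
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -19,24 +19,21 @@
 """
 
 import os
-import ssl
+import sys
 
 from bzrlib import (
     config,
     trace,
-    )
+)
 from bzrlib.errors import (
-    CertificateError,
     ConfigOptionValueError,
-    )
-from bzrlib.tests import (
-    TestCase,
-    TestCaseInTempDir,
-    )
+)
+from bzrlib import tests
 from bzrlib.transport.http import _urllib2_wrappers
-
-
-class CaCertsConfigTests(TestCaseInTempDir):
+from bzrlib.transport.http._urllib2_wrappers import ssl
+
+
+class CaCertsConfigTests(tests.TestCaseInTempDir):
 
     def get_stack(self, content):
         return config.MemoryStack(content.encode('utf-8'))
@@ -58,6 +55,7 @@
         self.overrideAttr(_urllib2_wrappers.opt_ssl_ca_certs, 'default',
                           os.path.join(self.test_dir, u"nonexisting.pem"))
         self.warnings = []
+
         def warning(*args):
             self.warnings.append(args[0] % args[1:])
         self.overrideAttr(trace, 'warning', warning)
@@ -67,7 +65,7 @@
                               "is not valid for \"ssl.ca_certs\"")
 
 
-class CertReqsConfigTests(TestCaseInTempDir):
+class CertReqsConfigTests(tests.TestCaseInTempDir):
 
     def test_default(self):
         stack = config.MemoryStack("")
@@ -82,19 +80,41 @@
         self.assertRaises(ConfigOptionValueError, stack.get, "ssl.cert_reqs")
 
 
-class MatchHostnameTests(TestCase):
+class MatchHostnameTests(tests.TestCase):
+
+    def setUp(self):
+        super(MatchHostnameTests, self).setUp()
+        if sys.version_info < (2, 7, 9):
+            raise tests.TestSkipped(
+                'python version too old to provide proper'
+                ' https hostname verification')
 
     def test_no_certificate(self):
         self.assertRaises(ValueError,
-                          _urllib2_wrappers.match_hostname, {}, "example.com")
+                          ssl.match_hostname, {}, "example.com")
+
+    def test_wildcards_in_cert(self):
+        def ok(cert, hostname):
+            ssl.match_hostname(cert, hostname)
+
+        def not_ok(cert, hostname):
+            self.assertRaises(
+                ssl.CertificateError,
+                ssl.match_hostname, cert, hostname)
+
+        # Python Issue #17980: avoid denials of service by refusing more than
+        # one wildcard per fragment.
+        ok({'subject': ((('commonName', 'a*b.com'),),)}, 'axxb.com')
+        not_ok({'subject': ((('commonName', 'a*b.co*'),),)}, 'axxb.com')
+        not_ok({'subject': ((('commonName', 'a*b*.com'),),)}, 'axxbxxc.com')
 
     def test_no_valid_attributes(self):
-        self.assertRaises(CertificateError, _urllib2_wrappers.match_hostname,
+        self.assertRaises(ssl.CertificateError, ssl.match_hostname,
                           {"Problem": "Solved"}, "example.com")
 
     def test_common_name(self):
         cert = {'subject': ((('commonName', 'example.com'),),)}
         self.assertIs(None,
-                      _urllib2_wrappers.match_hostname(cert, "example.com"))
-        self.assertRaises(CertificateError, _urllib2_wrappers.match_hostname,
+                      ssl.match_hostname(cert, "example.com"))
+        self.assertRaises(ssl.CertificateError, ssl.match_hostname,
                           cert, "example.org")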
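Review bot: Every test in `MatchHostnameTests` now calls `ssl.match_hostname` directly, so the class checks the library function and would still pass if the connection code in `_urllib2_wrappers` stopped calling it. A test that goes through the wrapper's own certificate check (not visible in this section) would pin the property that matters: a hostname mismatch aborts the https connection. The `setUp` skip for `sys.version_info < (2, 7, 9)` also leaves older interpreters without any assertion about whether the transport refuses https or proceeds without hostname verification. A comment above the skip should state the expected outcome, for example `# Below 2.7.9 the transport must not treat the peer hostname as verified; see _urllib2_wrappers.`, once that behaviour is confirmed against the wrapper module.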