# HG changeset patch # Parent 34ca24fa1b4a8dc8a83b1d71bad68ed7da4f28f4 Issue #26173: Fix test_ssl confusion with non-existing cert and wrongcert.pem Testing for a non-existing certificate file is already done in test_errors(). The wrongcert.pem test was originally testing behaviour with a mismatched certificate. diff -r 34ca24fa1b4a Lib/test/test_ssl.py --- a/Lib/test/test_ssl.py Wed Jan 27 11:51:45 2016 -0500 +++ b/Lib/test/test_ssl.py Fri Jan 29 01:20:48 2016 +0000 @@ -62,7 +62,7 @@ EMPTYCERT = data_file("nullcert.pem") BADCERT = data_file("badcert.pem") -WRONGCERT = data_file("XXXnonexisting.pem") +NONEXISTINGCERT = data_file("XXXnonexisting.pem") BADKEY = data_file("badkey.pem") NOKIACERT = data_file("nokia.pem") NULLBYTECERT = data_file("nullbytecert.pem") @@ -334,15 +334,17 @@ s.connect, (HOST, 8080)) with self.assertRaises(IOError) as cm: with closing(socket.socket()) as sock: - ssl.wrap_socket(sock, certfile=WRONGCERT) + ssl.wrap_socket(sock, certfile=NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) with self.assertRaises(IOError) as cm: with closing(socket.socket()) as sock: - ssl.wrap_socket(sock, certfile=CERTFILE, keyfile=WRONGCERT) + ssl.wrap_socket(sock, + certfile=CERTFILE, keyfile=NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) with self.assertRaises(IOError) as cm: with closing(socket.socket()) as sock: - ssl.wrap_socket(sock, certfile=WRONGCERT, keyfile=WRONGCERT) + ssl.wrap_socket(sock, + certfile=NONEXISTINGCERT, keyfile=NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) def test_match_hostname(self): @@ -773,7 +775,7 @@ ctx.load_cert_chain(CERTFILE, keyfile=CERTFILE) self.assertRaises(TypeError, ctx.load_cert_chain, keyfile=CERTFILE) with self.assertRaises(IOError) as cm: - ctx.load_cert_chain(WRONGCERT) + ctx.load_cert_chain(NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) with self.assertRaisesRegexp(ssl.SSLError, "PEM lib"): ctx.load_cert_chain(BADCERT) @@ -859,7 +861,7 @@ self.assertRaises(TypeError, ctx.load_verify_locations) self.assertRaises(TypeError, ctx.load_verify_locations, None, None, None) with self.assertRaises(IOError) as cm: - ctx.load_verify_locations(WRONGCERT) + ctx.load_verify_locations(NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) with self.assertRaises(IOError): ctx.load_verify_locations(u'') @@ -937,7 +939,7 @@ self.assertRaises(TypeError, ctx.load_dh_params) self.assertRaises(TypeError, ctx.load_dh_params, None) with self.assertRaises(IOError) as cm: - ctx.load_dh_params(WRONGCERT) + ctx.load_dh_params(NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) with self.assertRaises(ssl.SSLError) as cm: ctx.load_dh_params(CERTFILE) @@ -1893,11 +1895,6 @@ except OSError as x: if support.verbose: sys.stdout.write("\nOSError is %s\n" % x.args[1]) - except OSError as x: - if x.errno != errno.ENOENT: - raise - if support.verbose: - sys.stdout.write("\OSError is %s\n" % str(x)) else: raise AssertionError("Use of invalid cert should have failed!") @@ -2147,8 +2144,8 @@ """Connecting with a badly formatted certificate (syntax error)""" bad_cert_test(os.path.join(os.path.dirname(__file__) or os.curdir, "badcert.pem")) - def test_nonexisting_cert(self): - """Connecting with a non-existing cert file""" + def test_wrong_cert(self): + """Connecting with a cert file not matching the server""" bad_cert_test(os.path.join(os.path.dirname(__file__) or os.curdir, "wrongcert.pem")) def test_malformed_key(self):