diff -r b888c9043566 Lib/test/test_urllib2net.py --- a/Lib/test/test_urllib2net.py Sun Feb 03 00:23:58 2013 +0100 +++ b/Lib/test/test_urllib2net.py Mon Feb 04 08:12:48 2013 +1100 @@ -10,12 +10,14 @@ import urllib.request import sys try: - import ssl + ssl = support.import_module("ssl") + from test.ssl_servers import HTTPSServerThread except ImportError: ssl = None TIMEOUT = 60 # seconds +CERTFILE = os.path.join(os.path.dirname(__file__), 'keycert.pem') def _retry_thrice(func, exc, *args, **kwargs): for i in range(3): @@ -333,22 +335,26 @@ @unittest.skipUnless(ssl, "requires SSL support") class HTTPSTests(unittest.TestCase): + @unittest.skipUnless(ssl.HAS_SNI, "SNI support needed for this test") def test_sni(self): - self.skipTest("test disabled - test server needed") - # Checks that Server Name Indication works, if supported by the - # OpenSSL linked to. - # The ssl module itself doesn't have server-side support for SNI, - # so we rely on a third-party test site. - expect_sni = ssl.HAS_SNI - with support.transient_internet("XXX"): - u = urllib.request.urlopen("XXX") - contents = u.readall() - if expect_sni: - self.assertIn(b"Great", contents) - self.assertNotIn(b"Unfortunately", contents) - else: - self.assertNotIn(b"Great", contents) - self.assertIn(b"Unfortunately", contents) + sniname = None + def cb_sni(ssl_sock, server_name, initial_context): + nonlocal sniname + sniname = server_name + context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) + context.load_cert_chain(CERTFILE) + context.set_servername_callback(cb_sni) + try: + server = HTTPSServerThread(context, support.HOST) + server.start() + + url = 'https://' + support.HOST + ':' + str(server.port) + with support.transient_internet(url): + u = urllib.request.urlopen(url) + contents = u.readall() + self.assertEqual(support.HOST, sniname) + finally: + server.stop() def test_main():