Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(108194)

Delta Between Two Patch Sets: Lib/test/test_ssl.py

Issue 19689: ssl.create_default_context()
Left Patch Set: Created 5 years, 4 months ago
Right Patch Set: Created 5 years, 3 months ago
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
Left: Side by side diff | Download
Right: Side by side diff | Download
« no previous file with change/comment | « Lib/ssl.py ('k') | Lib/urllib/request.py » ('j') | no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
LEFTRIGHT
1 # Test the support for SSL and sockets 1 # Test the support for SSL and sockets
2 2
3 import sys 3 import sys
4 import unittest 4 import unittest
5 from test import support 5 from test import support
6 import socket 6 import socket
7 import select 7 import select
8 import time 8 import time
9 import datetime 9 import datetime
10 import gc 10 import gc
(...skipping 518 matching lines...) Expand 10 before | Expand all | Expand 10 after
529 self.assertEqual(paths.capath, CAPATH) 529 self.assertEqual(paths.capath, CAPATH)
530 530
531 @unittest.skipUnless(sys.platform == "win32", "Windows specific") 531 @unittest.skipUnless(sys.platform == "win32", "Windows specific")
532 def test_enum_certificates(self): 532 def test_enum_certificates(self):
533 self.assertTrue(ssl.enum_certificates("CA")) 533 self.assertTrue(ssl.enum_certificates("CA"))
534 self.assertTrue(ssl.enum_certificates("ROOT")) 534 self.assertTrue(ssl.enum_certificates("ROOT"))
535 535
536 self.assertRaises(TypeError, ssl.enum_certificates) 536 self.assertRaises(TypeError, ssl.enum_certificates)
537 self.assertRaises(WindowsError, ssl.enum_certificates, "") 537 self.assertRaises(WindowsError, ssl.enum_certificates, "")
538 538
539 names = set() 539 trust_oids = set()
540 ca = ssl.enum_certificates("CA") 540 for storename in ("CA", "ROOT"):
541 self.assertIsInstance(ca, list) 541 store = ssl.enum_certificates(storename)
542 for element in ca: 542 self.assertIsInstance(store, list)
543 self.assertIsInstance(element, tuple) 543 for element in store:
544 self.assertEqual(len(element), 3) 544 self.assertIsInstance(element, tuple)
545 cert, enc, trust = element 545 self.assertEqual(len(element), 3)
546 self.assertIsInstance(cert, bytes) 546 cert, enc, trust = element
547 self.assertIn(enc, {"x509_asn", "pkcs_7_asn"}) 547 self.assertIsInstance(cert, bytes)
548 self.assertIsInstance(trust, (set, bool)) 548 self.assertIn(enc, {"x509_asn", "pkcs_7_asn"})
549 if isinstance(trust, set): 549 self.assertIsInstance(trust, (set, bool))
550 names.update(trust) 550 if isinstance(trust, set):
551 trust_oids.update(trust)
551 552
552 serverAuth = "1.3.6.1.5.5.7.3.1" 553 serverAuth = "1.3.6.1.5.5.7.3.1"
553 self.assertIn(serverAuth, names) 554 self.assertIn(serverAuth, trust_oids)
554 555
555 @unittest.skipUnless(sys.platform == "win32", "Windows specific") 556 @unittest.skipUnless(sys.platform == "win32", "Windows specific")
556 def test_enum_crls(self): 557 def test_enum_crls(self):
557 self.assertTrue(ssl.enum_crls("CA")) 558 self.assertTrue(ssl.enum_crls("CA"))
558 self.assertRaises(TypeError, ssl.enum_crls) 559 self.assertRaises(TypeError, ssl.enum_crls)
559 self.assertRaises(WindowsError, ssl.enum_crls, "") 560 self.assertRaises(WindowsError, ssl.enum_crls, "")
560 561
561 crls = ssl.enum_crls("CA") 562 crls = ssl.enum_crls("CA")
562 self.assertIsInstance(crls, list) 563 self.assertIsInstance(crls, list)
563 for element in crls: 564 for element in crls:
(...skipping 13 matching lines...) Expand all
577 self.assertEqual(val.shortname, 'serverAuth') 578 self.assertEqual(val.shortname, 'serverAuth')
578 self.assertEqual(val.longname, 'TLS Web Server Authentication') 579 self.assertEqual(val.longname, 'TLS Web Server Authentication')
579 self.assertEqual(val.oid, '1.3.6.1.5.5.7.3.1') 580 self.assertEqual(val.oid, '1.3.6.1.5.5.7.3.1')
580 self.assertIsInstance(val, ssl._ASN1Object) 581 self.assertIsInstance(val, ssl._ASN1Object)
581 self.assertRaises(ValueError, ssl._ASN1Object, 'serverAuth') 582 self.assertRaises(ValueError, ssl._ASN1Object, 'serverAuth')
582 583
583 val = ssl._ASN1Object.fromnid(129) 584 val = ssl._ASN1Object.fromnid(129)
584 self.assertEqual(val, expected) 585 self.assertEqual(val, expected)
585 self.assertIsInstance(val, ssl._ASN1Object) 586 self.assertIsInstance(val, ssl._ASN1Object)
586 self.assertRaises(ValueError, ssl._ASN1Object.fromnid, -1) 587 self.assertRaises(ValueError, ssl._ASN1Object.fromnid, -1)
587 self.assertRaises(ValueError, ssl._ASN1Object.fromnid, 100000) 588 with self.assertRaisesRegex(ValueError, "unknown NID 100000"):
589 ssl._ASN1Object.fromnid(100000)
588 for i in range(1000): 590 for i in range(1000):
589 try: 591 try:
590 obj = ssl._ASN1Object.fromnid(i) 592 obj = ssl._ASN1Object.fromnid(i)
591 except ValueError: 593 except ValueError:
592 pass 594 pass
593 else: 595 else:
594 self.assertIsInstance(obj.nid, int) 596 self.assertIsInstance(obj.nid, int)
595 self.assertIsInstance(obj.shortname, str) 597 self.assertIsInstance(obj.shortname, str)
596 self.assertIsInstance(obj.longname, str) 598 self.assertIsInstance(obj.longname, str)
597 self.assertIsInstance(obj.oid, (str, type(None))) 599 self.assertIsInstance(obj.oid, (str, type(None)))
598 600
599 val = ssl._ASN1Object.fromname('TLS Web Server Authentication') 601 val = ssl._ASN1Object.fromname('TLS Web Server Authentication')
600 self.assertEqual(val, expected) 602 self.assertEqual(val, expected)
601 self.assertIsInstance(val, ssl._ASN1Object) 603 self.assertIsInstance(val, ssl._ASN1Object)
602 self.assertEqual(ssl._ASN1Object.fromname('serverAuth'), expected) 604 self.assertEqual(ssl._ASN1Object.fromname('serverAuth'), expected)
603 self.assertEqual(ssl._ASN1Object.fromname('1.3.6.1.5.5.7.3.1'), 605 self.assertEqual(ssl._ASN1Object.fromname('1.3.6.1.5.5.7.3.1'),
604 expected) 606 expected)
605 self.assertRaises(ValueError, ssl._ASN1Object.fromname, 'serverauth') 607 with self.assertRaisesRegex(ValueError, "unknown object 'serverauth'"):
608 ssl._ASN1Object.fromname('serverauth')
606 609
607 def test_create_default_context(self): 610 def test_create_default_context(self):
608 ctx = ssl.create_default_context() 611 ctx = ssl.create_default_context()
609 self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23) 612 self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23)
610 self.assertEqual(ctx.verify_mode, ssl.CERT_NONE) 613 self.assertEqual(ctx.verify_mode, ssl.CERT_NONE)
611 self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) 614 self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)
612 615
613 ctx = ssl.create_default_context(ssl.PROTOCOL_TLSv1) 616 ctx = ssl.create_default_context(ssl.PROTOCOL_TLSv1)
614 self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1) 617 self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1)
615 self.assertEqual(ctx.verify_mode, ssl.CERT_NONE) 618 self.assertEqual(ctx.verify_mode, ssl.CERT_NONE)
616 self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) 619 self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)
617 620
618 ctx = ssl.create_default_context(ssl.PROTOCOL_TLSv1_1, 621 ctx = ssl.create_default_context(ssl.PROTOCOL_TLSv1_1,
619 verify_mode=ssl.CERT_REQUIRED) 622 cert_reqs=ssl.CERT_REQUIRED)
620 self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1_1) 623 self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1_1)
621 self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED) 624 self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED)
622 self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) 625 self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)
623 626
624 ctx = ssl.create_default_context(certfile=CERTFILE) 627 ctx = ssl.create_default_context(certfile=CERTFILE)
625 ctx = ssl.create_default_context(certfile=ONLYCERT, 628 ctx = ssl.create_default_context(certfile=ONLYCERT,
626 keyfile=ONLYKEY) 629 keyfile=ONLYKEY)
627 with self.assertRaises(FileNotFoundError): 630 with self.assertRaises(FileNotFoundError):
628 ssl.create_default_context(certfile=WRONGCERT) 631 ssl.create_default_context(certfile=WRONGCERT)
629 632
(...skipping 2067 matching lines...) Expand 10 before | Expand all | Expand 10 after
2697 tests.append(ThreadedTests) 2700 tests.append(ThreadedTests)
2698 2701
2699 try: 2702 try:
2700 support.run_unittest(*tests) 2703 support.run_unittest(*tests)
2701 finally: 2704 finally:
2702 if _have_threads: 2705 if _have_threads:
2703 support.threading_cleanup(*thread_info) 2706 support.threading_cleanup(*thread_info)
2704 2707
2705 if __name__ == "__main__": 2708 if __name__ == "__main__":
2706 test_main() 2709 test_main()
LEFTRIGHT

RSS Feeds Recent Issues | This issue
This is Rietveld 894c83f36cb7+