/brz/remove-bazaar

« back to all changes in this revision

Viewing changes to breezy/tests/test_https_urllib.py

• browse files at revision 7029.4.1
• compare with another revision
• download diff
• download tarball
• view history from revision 7029.4.1

• reverse the comparison (7029.4.1 to 5200.3.2)
• stop comparing with revision 5200.3.2

Show diffs side-by-side

added

removed

breezy/tests/test_https_urllib.py

 

1

# Copyright (C) 2011, 2012, 2013, 2016 Canonical Ltd

 

2

#

 

3

# This program is free software; you can redistribute it and/or modify

 

4

# it under the terms of the GNU General Public License as published by

 

5

# the Free Software Foundation; either version 2 of the License, or

 

6

# (at your option) any later version.

 

7

#

 

8

# This program is distributed in the hope that it will be useful,

 

9

# but WITHOUT ANY WARRANTY; without even the implied warranty of

 

10

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 

11

# GNU General Public License for more details.

 

12

#

 

13

# You should have received a copy of the GNU General Public License

 

14

# along with this program; if not, write to the Free Software

 

15

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

 

16

 

 

17

"""Tests for the SSL support in the urllib HTTP transport.

 

18

 

 

19

"""

 

20

 

 

21

import os

 

22

import sys

 

23

 

 

24

from .. import (

 

25

    config,

 

26

    trace,

 

27

)

 

28

from .. import tests

 

29

from ..transport.http import _urllib2_wrappers

 

30

from ..transport.http._urllib2_wrappers import ssl

 

31

 

 

32

 

 

33

class CaCertsConfigTests(tests.TestCaseInTempDir):

 

34

 

 

35

    def get_stack(self, content):

 

36

        return config.MemoryStack(content.encode('utf-8'))

 

37

 

 

38

    def test_default_exists(self):

 

39

        """Check that the default we provide exists for the tested platform."""

 

40

        stack = self.get_stack("")

 

41

        self.assertPathExists(stack.get('ssl.ca_certs'))

 

42

 

 

43

    def test_specified(self):

 

44

        self.build_tree(['cacerts.pem'])

 

45

        path = os.path.join(self.test_dir, "cacerts.pem")

 

46

        stack = self.get_stack("ssl.ca_certs = %s\n" % path)

 

47

        self.assertEqual(path, stack.get('ssl.ca_certs'))

 

48

 

 

49

    def test_specified_doesnt_exist(self):

 

50

        stack = self.get_stack('')

 

51

        # Disable the default value mechanism to force the behavior we want

 

52

        self.overrideAttr(_urllib2_wrappers.opt_ssl_ca_certs, 'default',

 

53

                          os.path.join(self.test_dir, u"nonexisting.pem"))

 

54

        self.warnings = []

 

55

 

 

56

        def warning(*args):

 

57

            self.warnings.append(args[0] % args[1:])

 

58

        self.overrideAttr(trace, 'warning', warning)

 

59

        self.assertEqual(None, stack.get('ssl.ca_certs'))

 

60

        self.assertLength(1, self.warnings)

 

61

        self.assertContainsRe(self.warnings[0],

 

62

                              "is not valid for \"ssl.ca_certs\"")

 

63

 

 

64

 

 

65

class CertReqsConfigTests(tests.TestCaseInTempDir):

 

66

 

 

67

    def test_default(self):

 

68

        stack = config.MemoryStack("")

 

69

        self.assertEqual(ssl.CERT_REQUIRED, stack.get("ssl.cert_reqs"))

 

70

 

 

71

    def test_from_string(self):

 

72

        stack = config.MemoryStack("ssl.cert_reqs = none\n")

 

73

        self.assertEqual(ssl.CERT_NONE, stack.get("ssl.cert_reqs"))

 

74

        stack = config.MemoryStack("ssl.cert_reqs = required\n")

 

75

        self.assertEqual(ssl.CERT_REQUIRED, stack.get("ssl.cert_reqs"))

 

76

        stack = config.MemoryStack("ssl.cert_reqs = invalid\n")

 

77

        self.assertRaises(config.ConfigOptionValueError, stack.get,

 

78

                          "ssl.cert_reqs")

 

79

 

 

80

 

 

81

class MatchHostnameTests(tests.TestCase):

 

82

 

 

83

    def setUp(self):

 

84

        super(MatchHostnameTests, self).setUp()

 

85

        if sys.version_info < (2, 7, 9):

 

86

            raise tests.TestSkipped(

 

87

                'python version too old to provide proper'

 

88

                ' https hostname verification')

 

89

 

 

90

    def test_no_certificate(self):

 

91

        self.assertRaises(ValueError,

 

92

                          ssl.match_hostname, {}, "example.com")

 

93

 

 

94

    def test_wildcards_in_cert(self):

 

95

        def ok(cert, hostname):

 

96

            ssl.match_hostname(cert, hostname)

 

97

 

 

98

        def not_ok(cert, hostname):

 

99

            self.assertRaises(

 

100

                ssl.CertificateError,

 

101

                ssl.match_hostname, cert, hostname)

 

102

 

 

103

        # Python Issue #17980: avoid denials of service by refusing more than

 

104

        # one wildcard per fragment.

 

105

        ok({'subject': ((('commonName', 'a*b.com'),),)}, 'axxb.com')

 

106

        not_ok({'subject': ((('commonName', 'a*b.co*'),),)}, 'axxb.com')

 

107

        not_ok({'subject': ((('commonName', 'a*b*.com'),),)}, 'axxbxxc.com')

 

108

 

 

109

    def test_no_valid_attributes(self):

 

110

        self.assertRaises(ssl.CertificateError, ssl.match_hostname,

 

111

                          {"Problem": "Solved"}, "example.com")

 

112

 

 

113

    def test_common_name(self):

 

114

        cert = {'subject': ((('commonName', 'example.com'),),)}

 

115

        self.assertIs(None,

 

116

                      ssl.match_hostname(cert, "example.com"))

 

117

        self.assertRaises(ssl.CertificateError, ssl.match_hostname,

 

118

                          cert, "example.org")

• Older »

Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0