Issue #28093: Check more invalid combinations of PROTOCOL_TLS_CLIENT / PROTOCOL_TLS_SERVER

author: Christian Heimes <christian@python.org> 2016-09-12 08:48:20 (GMT)
committer: Christian Heimes <christian@python.org> 2016-09-12 08:48:20 (GMT)
commit: 9017ec1ea0347c4bd901c329254590a9f86a69b8 (patch)
tree: 18b0461a0afc83ac91139b3e9b71e4660d8e481a
parent: c4d2e500a9a3d0f33eda9ee0377ac6aec5f16b83 (diff)
download: cpython-9017ec1ea0347c4bd901c329254590a9f86a69b8.zip
cpython-9017ec1ea0347c4bd901c329254590a9f86a69b8.tar.gz
cpython-9017ec1ea0347c4bd901c329254590a9f86a69b8.tar.bz2
1 files changed, 23 insertions, 3 deletions
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 557b6de..46ec822 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -2305,18 +2305,38 @@ if _have_threads:
             # server_context.load_verify_locations(SIGNING_CA)
             server_context.load_cert_chain(SIGNED_CERTFILE2)
 
-            with self.subTest(client='PROTOCOL_TLS_CLIENT', server='PROTOCOL_TLS_SERVER'):
+            with self.subTest(client=ssl.PROTOCOL_TLS_CLIENT, server=ssl.PROTOCOL_TLS_SERVER):
                 server_params_test(client_context=client_context,
                                    server_context=server_context,
                                    chatty=True, connectionchatty=True,
                                    sni_name='fakehostname')
 
-            with self.subTest(client='PROTOCOL_TLS_SERVER', server='PROTOCOL_TLS_CLIENT'):
-                with self.assertRaises(ssl.SSLError):
+            client_context.check_hostname = False
+            with self.subTest(client=ssl.PROTOCOL_TLS_SERVER, server=ssl.PROTOCOL_TLS_CLIENT):
+                with self.assertRaises(ssl.SSLError) as e:
                     server_params_test(client_context=server_context,
                                        server_context=client_context,
                                        chatty=True, connectionchatty=True,
                                        sni_name='fakehostname')
+                self.assertIn('called a function you should not call',
+                              str(e.exception))
+
+            with self.subTest(client=ssl.PROTOCOL_TLS_SERVER, server=ssl.PROTOCOL_TLS_SERVER):
+                with self.assertRaises(ssl.SSLError) as e:
+                    server_params_test(client_context=server_context,
+                                       server_context=server_context,
+                                       chatty=True, connectionchatty=True)
+                self.assertIn('called a function you should not call',
+                              str(e.exception))
+
+            with self.subTest(client=ssl.PROTOCOL_TLS_CLIENT, server=ssl.PROTOCOL_TLS_CLIENT):
+                with self.assertRaises(ssl.SSLError) as e:
+                    server_params_test(client_context=server_context,
+                                       server_context=client_context,
+                                       chatty=True, connectionchatty=True)
+                self.assertIn('called a function you should not call',
+                              str(e.exception))
+
 
         def test_getpeercert(self):
             if support.verbose:
author	Christian Heimes <christian@python.org>	2016-09-12 08:48:20 (GMT)
committer	Christian Heimes <christian@python.org>	2016-09-12 08:48:20 (GMT)
commit	9017ec1ea0347c4bd901c329254590a9f86a69b8 (patch)
tree	18b0461a0afc83ac91139b3e9b71e4660d8e481a
parent	c4d2e500a9a3d0f33eda9ee0377ac6aec5f16b83 (diff)
download	cpython-9017ec1ea0347c4bd901c329254590a9f86a69b8.zip cpython-9017ec1ea0347c4bd901c329254590a9f86a69b8.tar.gz cpython-9017ec1ea0347c4bd901c329254590a9f86a69b8.tar.bz2