diff options
| author | Georg Brandl <georg@python.org> | 2014-11-05 19:37:40 (GMT) |
|---|---|---|
| committer | Georg Brandl <georg@python.org> | 2014-11-05 19:37:40 (GMT) |
| commit | fbaf9310965f5ea491b9ed7b1b6e5db4f73e4def (patch) | |
| tree | f8987923a9e31c5124c096882e6e6fd6ab84c56f /Lib/test/test_httplib.py | |
| parent | 50219fcd23490ab65da4ed16b9c79b82d4192858 (diff) | |
| download | cpython-fbaf9310965f5ea491b9ed7b1b6e5db4f73e4def.zip cpython-fbaf9310965f5ea491b9ed7b1b6e5db4f73e4def.tar.gz cpython-fbaf9310965f5ea491b9ed7b1b6e5db4f73e4def.tar.bz2 | |
test_httplib: use self-signed.pythontest.net for verification test with non-root-CA cert
Diffstat (limited to 'Lib/test/test_httplib.py')
| -rw-r--r-- | Lib/test/test_httplib.py | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py index 2ded60e..d259fb2 100644 --- a/Lib/test/test_httplib.py +++ b/Lib/test/test_httplib.py @@ -15,8 +15,8 @@ here = os.path.dirname(__file__) CERT_localhost = os.path.join(here, 'keycert.pem') # Self-signed cert file for 'fakehostname' CERT_fakehostname = os.path.join(here, 'keycert2.pem') -# Root cert file (CA) for svn.python.org's cert -CACERT_svn_python_org = os.path.join(here, 'https_svn_python_org_root.pem') +# Self-signed cert file for self-signed.pythontest.net +CERT_selfsigned_pythontestdotnet = os.path.join(here, 'selfsigned_pythontestdotnet.pem') HOST = support.HOST @@ -772,11 +772,6 @@ class HTTPSTest(TestCase): h = client.HTTPSConnection(HOST, TimeoutTest.PORT, timeout=30) self.assertEqual(h.timeout, 30) - def _check_svn_python_org(self, resp): - # Just a simple check that everything went fine - server_string = resp.getheader('server') - self.assertIn('Apache', server_string) - def test_networked(self): # Default settings: requires a valid cert from a trusted CA import ssl @@ -810,17 +805,18 @@ class HTTPSTest(TestCase): self.assertIn('text/html', content_type) def test_networked_good_cert(self): - # We feed a CA cert that validates the server's cert + # We feed the server's cert as a validating cert import ssl support.requires('network') - with support.transient_internet('svn.python.org'): + with support.transient_internet('self-signed.pythontest.net'): context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) context.verify_mode = ssl.CERT_REQUIRED - context.load_verify_locations(CACERT_svn_python_org) - h = client.HTTPSConnection('svn.python.org', 443, context=context) + context.load_verify_locations(CERT_selfsigned_pythontestdotnet) + h = client.HTTPSConnection('self-signed.pythontest.net', 443, context=context) h.request('GET', '/') resp = h.getresponse() - self._check_svn_python_org(resp) + server_string = resp.getheader('server') + self.assertIn('nginx', server_string) def test_networked_bad_cert(self): # We feed a "CA" cert that is unrelated to the server's cert |