Issue #13034: When decoding some SSL certificates, the subjectAltName extension could be unreported.

author: Antoine Pitrou <solipsis@pitrou.net> 2011-10-01 17:30:58 (GMT)
committer: Antoine Pitrou <solipsis@pitrou.net> 2011-10-01 17:30:58 (GMT)
commit: f06eb46918f11220d13e7170dcb17929498e3294 (patch)
tree: b7bc0a2251723756a39553f075864c052f5563c1 /Lib/test/test_ssl.py
parent: 564f89036fbecfc03ca4152e9de8b291887111a4 (diff)
download: cpython-f06eb46918f11220d13e7170dcb17929498e3294.zip
cpython-f06eb46918f11220d13e7170dcb17929498e3294.tar.gz
cpython-f06eb46918f11220d13e7170dcb17929498e3294.tar.bz2
1 files changed, 22 insertions, 2 deletions
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 3df4d0c..aa6c850 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -110,6 +110,23 @@ class BasicSocketTests(unittest.TestCase):
         p = ssl._ssl._test_decode_cert(CERTFILE, False)
         if test_support.verbose:
             sys.stdout.write("\n" + pprint.pformat(p) + "\n")
+        self.assertEqual(p['subject'],
+                         ((('countryName', u'US'),),
+                          (('stateOrProvinceName', u'Delaware'),),
+                          (('localityName', u'Wilmington'),),
+                          (('organizationName', u'Python Software Foundation'),),
+                          (('organizationalUnitName', u'SSL'),),
+                          (('commonName', u'somemachine.python.org'),)),
+                        )
+        # Issue #13034: the subjectAltName in some certificates
+        # (notably projects.developer.nokia.com:443) wasn't parsed
+        p = ssl._ssl._test_decode_cert(NOKIACERT)
+        if test_support.verbose:
+            sys.stdout.write("\n" + pprint.pformat(p) + "\n")
+        self.assertEqual(p['subjectAltName'],
+                         (('DNS', 'projects.developer.nokia.com'),
+                          ('DNS', 'projects.forum.nokia.com'))
+                        )
 
     def test_DER_to_PEM(self):
         with open(SVN_PYTHON_ORG_ROOT_CERT, 'r') as f:
@@ -1329,15 +1346,18 @@ else:
 
 
 def test_main(verbose=False):
-    global CERTFILE, SVN_PYTHON_ORG_ROOT_CERT
+    global CERTFILE, SVN_PYTHON_ORG_ROOT_CERT, NOKIACERT
     CERTFILE = os.path.join(os.path.dirname(__file__) or os.curdir,
                             "keycert.pem")
     SVN_PYTHON_ORG_ROOT_CERT = os.path.join(
         os.path.dirname(__file__) or os.curdir,
         "https_svn_python_org_root.pem")
+    NOKIACERT = os.path.join(os.path.dirname(__file__) or os.curdir,
+                             "nokia.pem")
 
     if (not os.path.exists(CERTFILE) or
-        not os.path.exists(SVN_PYTHON_ORG_ROOT_CERT)):
+        not os.path.exists(SVN_PYTHON_ORG_ROOT_CERT) or
+        not os.path.exists(NOKIACERT)):
         raise test_support.TestFailed("Can't read certificate files!")
 
     tests = [BasicTests, BasicSocketTests]
author	Antoine Pitrou <solipsis@pitrou.net>	2011-10-01 17:30:58 (GMT)
committer	Antoine Pitrou <solipsis@pitrou.net>	2011-10-01 17:30:58 (GMT)
commit	f06eb46918f11220d13e7170dcb17929498e3294 (patch)
tree	b7bc0a2251723756a39553f075864c052f5563c1 /Lib/test/test_ssl.py
parent	564f89036fbecfc03ca4152e9de8b291887111a4 (diff)
download	cpython-f06eb46918f11220d13e7170dcb17929498e3294.zip cpython-f06eb46918f11220d13e7170dcb17929498e3294.tar.gz cpython-f06eb46918f11220d13e7170dcb17929498e3294.tar.bz2