Issue #13034: When decoding some SSL certificates, the subjectAltName extension could be unreported.

author: Antoine Pitrou <solipsis@pitrou.net> 2011-10-01 17:22:30 (GMT)
committer: Antoine Pitrou <solipsis@pitrou.net> 2011-10-01 17:22:30 (GMT)
commit: a02a12c517e69e457f4425aa5af6f55c36a6a39a (patch)
tree: d509c4f1e8216f73da9c32b6a4f4c466a84481ca /Lib/test/test_ssl.py
parent: 07ac3ebd7ba6b42ba1adb07ec6075eb916d167b1 (diff)
parent: d8c347a8de9d7b76d0980ac18511667ab1cb2a4f (diff)
download: cpython-a02a12c517e69e457f4425aa5af6f55c36a6a39a.zip
cpython-a02a12c517e69e457f4425aa5af6f55c36a6a39a.tar.gz
cpython-a02a12c517e69e457f4425aa5af6f55c36a6a39a.tar.bz2
1 files changed, 26 insertions, 0 deletions
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index e386325..25f3e4f 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -54,6 +54,7 @@ EMPTYCERT = data_file("nullcert.pem")
 BADCERT = data_file("badcert.pem")
 WRONGCERT = data_file("XXXnonexisting.pem")
 BADKEY = data_file("badkey.pem")
+NOKIACERT = data_file("nokia.pem")
 
 
 def handle_error(prefix):
@@ -130,6 +131,31 @@ class BasicSocketTests(unittest.TestCase):
         p = ssl._ssl._test_decode_cert(CERTFILE)
         if support.verbose:
             sys.stdout.write("\n" + pprint.pformat(p) + "\n")
+        self.assertEqual(p['issuer'],
+                         ((('countryName', 'XY'),),
+                          (('localityName', 'Castle Anthrax'),),
+                          (('organizationName', 'Python Software Foundation'),),
+                          (('commonName', 'localhost'),))
+                        )
+        self.assertEqual(p['notAfter'], 'Oct  5 23:01:56 2020 GMT')
+        self.assertEqual(p['notBefore'], 'Oct  8 23:01:56 2010 GMT')
+        self.assertEqual(p['serialNumber'], 'D7C7381919AFC24E')
+        self.assertEqual(p['subject'],
+                         ((('countryName', 'XY'),),
+                          (('localityName', 'Castle Anthrax'),),
+                          (('organizationName', 'Python Software Foundation'),),
+                          (('commonName', 'localhost'),))
+                        )
+        self.assertEqual(p['subjectAltName'], (('DNS', 'localhost'),))
+        # Issue #13034: the subjectAltName in some certificates
+        # (notably projects.developer.nokia.com:443) wasn't parsed
+        p = ssl._ssl._test_decode_cert(NOKIACERT)
+        if support.verbose:
+            sys.stdout.write("\n" + pprint.pformat(p) + "\n")
+        self.assertEqual(p['subjectAltName'],
+                         (('DNS', 'projects.developer.nokia.com'),
+                          ('DNS', 'projects.forum.nokia.com'))
+                        )
 
     def test_DER_to_PEM(self):
         with open(SVN_PYTHON_ORG_ROOT_CERT, 'r') as f:
author	Antoine Pitrou <solipsis@pitrou.net>	2011-10-01 17:22:30 (GMT)
committer	Antoine Pitrou <solipsis@pitrou.net>	2011-10-01 17:22:30 (GMT)
commit	a02a12c517e69e457f4425aa5af6f55c36a6a39a (patch)
tree	d509c4f1e8216f73da9c32b6a4f4c466a84481ca /Lib/test/test_ssl.py
parent	07ac3ebd7ba6b42ba1adb07ec6075eb916d167b1 (diff)
parent	d8c347a8de9d7b76d0980ac18511667ab1cb2a4f (diff)
download	cpython-a02a12c517e69e457f4425aa5af6f55c36a6a39a.zip cpython-a02a12c517e69e457f4425aa5af6f55c36a6a39a.tar.gz cpython-a02a12c517e69e457f4425aa5af6f55c36a6a39a.tar.bz2