diff options
author | Antoine Pitrou <solipsis@pitrou.net> | 2011-10-01 17:22:30 (GMT) |
---|---|---|
committer | Antoine Pitrou <solipsis@pitrou.net> | 2011-10-01 17:22:30 (GMT) |
commit | a02a12c517e69e457f4425aa5af6f55c36a6a39a (patch) | |
tree | d509c4f1e8216f73da9c32b6a4f4c466a84481ca /Lib/test/test_ssl.py | |
parent | 07ac3ebd7ba6b42ba1adb07ec6075eb916d167b1 (diff) | |
parent | d8c347a8de9d7b76d0980ac18511667ab1cb2a4f (diff) | |
download | cpython-a02a12c517e69e457f4425aa5af6f55c36a6a39a.zip cpython-a02a12c517e69e457f4425aa5af6f55c36a6a39a.tar.gz cpython-a02a12c517e69e457f4425aa5af6f55c36a6a39a.tar.bz2 |
Issue #13034: When decoding some SSL certificates, the subjectAltName extension could be unreported.
Diffstat (limited to 'Lib/test/test_ssl.py')
-rw-r--r-- | Lib/test/test_ssl.py | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index e386325..25f3e4f 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -54,6 +54,7 @@ EMPTYCERT = data_file("nullcert.pem") BADCERT = data_file("badcert.pem") WRONGCERT = data_file("XXXnonexisting.pem") BADKEY = data_file("badkey.pem") +NOKIACERT = data_file("nokia.pem") def handle_error(prefix): @@ -130,6 +131,31 @@ class BasicSocketTests(unittest.TestCase): p = ssl._ssl._test_decode_cert(CERTFILE) if support.verbose: sys.stdout.write("\n" + pprint.pformat(p) + "\n") + self.assertEqual(p['issuer'], + ((('countryName', 'XY'),), + (('localityName', 'Castle Anthrax'),), + (('organizationName', 'Python Software Foundation'),), + (('commonName', 'localhost'),)) + ) + self.assertEqual(p['notAfter'], 'Oct 5 23:01:56 2020 GMT') + self.assertEqual(p['notBefore'], 'Oct 8 23:01:56 2010 GMT') + self.assertEqual(p['serialNumber'], 'D7C7381919AFC24E') + self.assertEqual(p['subject'], + ((('countryName', 'XY'),), + (('localityName', 'Castle Anthrax'),), + (('organizationName', 'Python Software Foundation'),), + (('commonName', 'localhost'),)) + ) + self.assertEqual(p['subjectAltName'], (('DNS', 'localhost'),)) + # Issue #13034: the subjectAltName in some certificates + # (notably projects.developer.nokia.com:443) wasn't parsed + p = ssl._ssl._test_decode_cert(NOKIACERT) + if support.verbose: + sys.stdout.write("\n" + pprint.pformat(p) + "\n") + self.assertEqual(p['subjectAltName'], + (('DNS', 'projects.developer.nokia.com'), + ('DNS', 'projects.forum.nokia.com')) + ) def test_DER_to_PEM(self): with open(SVN_PYTHON_ORG_ROOT_CERT, 'r') as f: |