summaryrefslogtreecommitdiffstats
path: root/Lib/test/test_ssl.py
diff options
context:
space:
mode:
authorAntoine Pitrou <solipsis@pitrou.net>2013-12-28 16:30:51 (GMT)
committerAntoine Pitrou <solipsis@pitrou.net>2013-12-28 16:30:51 (GMT)
commite6d2f159fcadd5fc336970110c49bba706b9787e (patch)
treeb7776304fedf69f6073b393b822dcd3519f2d859 /Lib/test/test_ssl.py
parentc1764dd3506e70d19d1bdda171b7812d416ad92f (diff)
parent3e86ba4e321d20931648d110e1be12643cb8ff04 (diff)
downloadcpython-e6d2f159fcadd5fc336970110c49bba706b9787e.zip
cpython-e6d2f159fcadd5fc336970110c49bba706b9787e.tar.gz
cpython-e6d2f159fcadd5fc336970110c49bba706b9787e.tar.bz2
Issue #19422: Explicitly disallow non-SOCK_STREAM sockets in the ssl module, rather than silently let them emit clear text data.
Diffstat (limited to 'Lib/test/test_ssl.py')
-rw-r--r--Lib/test/test_ssl.py11
1 files changed, 11 insertions, 0 deletions
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 6eb88d7..14d3cc1 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -632,6 +632,17 @@ class BasicSocketTests(unittest.TestCase):
self.assertEqual(ssl.Purpose.CLIENT_AUTH.oid,
'1.3.6.1.5.5.7.3.2')
+ def test_unsupported_dtls(self):
+ s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+ self.addCleanup(s.close)
+ with self.assertRaises(NotImplementedError) as cx:
+ ssl.wrap_socket(s, cert_reqs=ssl.CERT_NONE)
+ self.assertEqual(str(cx.exception), "only stream sockets are supported")
+ ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
+ with self.assertRaises(NotImplementedError) as cx:
+ ctx.wrap_socket(s)
+ self.assertEqual(str(cx.exception), "only stream sockets are supported")
+
class ContextTests(unittest.TestCase):
generated by cgit v0.12 at 2024-11-12 09:03:36 (GMT)