diff options
| author | Georg Brandl <georg@python.org> | 2014-11-05 19:37:40 (GMT) |
|---|---|---|
| committer | Georg Brandl <georg@python.org> | 2014-11-05 19:37:40 (GMT) |
| commit | 89644d080b9663ab1a809113b965e4e33a9a7af1 (patch) | |
| tree | 450b93109058e0777b5292bd2731fbd1700eb949 /Lib/test | |
| parent | 5e621176c4ec3cbd5102b9ca7441695832544123 (diff) | |
| download | cpython-89644d080b9663ab1a809113b965e4e33a9a7af1.zip cpython-89644d080b9663ab1a809113b965e4e33a9a7af1.tar.gz cpython-89644d080b9663ab1a809113b965e4e33a9a7af1.tar.bz2 | |
Issue #25940: Backport self-signed.pythontest.net testing for test_httplib
The svn.python.org server recently changed root certificate, causing the test
to fail. This backports revision 4985375db40f.
Diffstat (limited to 'Lib/test')
| -rw-r--r-- | Lib/test/selfsigned_pythontestdotnet.pem | 16 | ||||
| -rw-r--r-- | Lib/test/test_httplib.py | 15 |
2 files changed, 24 insertions, 7 deletions
diff --git a/Lib/test/selfsigned_pythontestdotnet.pem b/Lib/test/selfsigned_pythontestdotnet.pem new file mode 100644 index 0000000..9a80073 --- /dev/null +++ b/Lib/test/selfsigned_pythontestdotnet.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIIChzCCAfCgAwIBAgIJAKGU95wKR8pSMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV +BAYTAlhZMRcwFQYDVQQHDA5DYXN0bGUgQW50aHJheDEjMCEGA1UECgwaUHl0aG9u +IFNvZnR3YXJlIEZvdW5kYXRpb24xIzAhBgNVBAMMGnNlbGYtc2lnbmVkLnB5dGhv +bnRlc3QubmV0MB4XDTE0MTEwMjE4MDkyOVoXDTI0MTAzMDE4MDkyOVowcDELMAkG +A1UEBhMCWFkxFzAVBgNVBAcMDkNhc3RsZSBBbnRocmF4MSMwIQYDVQQKDBpQeXRo +b24gU29mdHdhcmUgRm91bmRhdGlvbjEjMCEGA1UEAwwac2VsZi1zaWduZWQucHl0 +aG9udGVzdC5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANDXQXW9tjyZ +Xt0Iv2tLL1+jinr4wGg36ioLDLFkMf+2Y1GL0v0BnKYG4N1OKlAU15LXGeGer8vm +Sv/yIvmdrELvhAbbo3w4a9TMYQA4XkIVLdvu3mvNOAet+8PMJxn26dbDhG809ALv +EHY57lQsBS3G59RZyBPVqAqmImWNJnVzAgMBAAGjKTAnMCUGA1UdEQQeMByCGnNl +bGYtc2lnbmVkLnB5dGhvbnRlc3QubmV0MA0GCSqGSIb3DQEBBQUAA4GBAIOXmdtM +eG9qzP9TiXW/Gc/zI4cBfdCpC+Y4gOfC9bQUC7hefix4iO3+iZjgy3X/FaRxUUoV +HKiXcXIaWqTSUWp45cSh0MbwZXudp6JIAptzdAhvvCrPKeC9i9GvxsPD4LtDAL97 +vSaxQBezA7hdxZd90/EeyMgVZgAnTCnvAWX9 +-----END CERTIFICATE----- diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py index 226e79e..52dae95 100644 --- a/Lib/test/test_httplib.py +++ b/Lib/test/test_httplib.py @@ -15,8 +15,8 @@ here = os.path.dirname(__file__) CERT_localhost = os.path.join(here, 'keycert.pem') # Self-signed cert file for 'fakehostname' CERT_fakehostname = os.path.join(here, 'keycert2.pem') -# Root cert file (CA) for svn.python.org's cert -CACERT_svn_python_org = os.path.join(here, 'https_svn_python_org_root.pem') +# Self-signed cert file for self-signed.pythontest.net +CERT_selfsigned_pythontestdotnet = os.path.join(here, 'selfsigned_pythontestdotnet.pem') HOST = support.HOST @@ -570,17 +570,18 @@ class HTTPSTest(TestCase): self._check_svn_python_org(resp) def test_networked_good_cert(self): - # We feed a CA cert that validates the server's cert + # We feed the server's cert as a validating cert import ssl support.requires('network') - with support.transient_internet('svn.python.org'): + with support.transient_internet('self-signed.pythontest.net'): context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) context.verify_mode = ssl.CERT_REQUIRED - context.load_verify_locations(CACERT_svn_python_org) - h = client.HTTPSConnection('svn.python.org', 443, context=context) + context.load_verify_locations(CERT_selfsigned_pythontestdotnet) + h = client.HTTPSConnection('self-signed.pythontest.net', 443, context=context) h.request('GET', '/') resp = h.getresponse() - self._check_svn_python_org(resp) + server_string = resp.getheader('server') + self.assertIn('nginx', server_string) def test_networked_bad_cert(self): # We feed a "CA" cert that is unrelated to the server's cert |