1 files changed, 49 insertions, 5 deletions

diff --git a/Lib/test/test_imaplib.py b/Lib/test/test_imaplib.py
index 7c9afd9..838411e 100644
--- a/Lib/test/test_imaplib.py
+++ b/Lib/test/test_imaplib.py
@@ -20,6 +20,7 @@ except ImportError:
     ssl = None
 
 CERTFILE = None
+CAFILE = None
 
 
 class TestImaplib(unittest.TestCase):
@@ -54,7 +55,9 @@ class TestImaplib(unittest.TestCase):
                 '"18-May-2033 05:33:20 +0200"']
 
     @run_with_locale('LC_ALL', 'de_DE', 'fr_FR')
-    @run_with_tz('STD-1DST')
+    # DST rules included to work around quirk where the Gnu C library may not
+    # otherwise restore the previous time zone
+    @run_with_tz('STD-1DST,M3.2.0,M11.1.0')
     def test_Time2Internaldate(self):
         expected = '"18-May-2033 05:33:20 +0200"'
 
@@ -125,7 +128,7 @@ class SimpleIMAPHandler(socketserver.StreamRequestHandler):
                         # Naked sockets return empty strings..
                         return
                     line += part
-                except IOError:
+                except OSError:
                     # ..but SSLSockets raise exceptions.
                     return
                 if line.endswith(b'\r\n'):
@@ -324,6 +327,25 @@ class BaseThreadedNetworkedTests(unittest.TestCase):
             self.assertEqual(ret, "OK")
 
 
+
+    @reap_threads
+    def test_aborted_authentication(self):
+
+        class MyServer(SimpleIMAPHandler):
+
+            def cmd_AUTHENTICATE(self, tag, args):
+                self._send_textline('+')
+                self.response = yield
+
+                if self.response == b'*\r\n':
+                    self._send_tagged(tag, 'NO', '[AUTHENTICATIONFAILED] aborted')
+                else:
+                    self._send_tagged(tag, 'OK', 'MYAUTH successful')
+
+        with self.reaped_pair(MyServer) as (server, client):
+            with self.assertRaises(imaplib.IMAP4.error):
+                code, data = client.authenticate('MYAUTH', lambda x: None)
+
     def test_linetoolong(self):
         class TooLongHandler(SimpleIMAPHandler):
             def handle(self):
@@ -347,6 +369,25 @@ class ThreadedNetworkedTestsSSL(BaseThreadedNetworkedTests):
     server_class = SecureTCPServer
     imap_class = IMAP4_SSL
 
+    @reap_threads
+    def test_ssl_verified(self):
+        ssl_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
+        ssl_context.verify_mode = ssl.CERT_REQUIRED
+        ssl_context.check_hostname = True
+        ssl_context.load_verify_locations(CAFILE)
+
+        with self.assertRaisesRegex(ssl.CertificateError,
+                                    "hostname '127.0.0.1' doesn't match 'localhost'"):
+            with self.reaped_server(SimpleIMAPHandler) as server:
+                client = self.imap_class(*server.server_address,
+                                         ssl_context=ssl_context)
+                client.shutdown()
+
+        with self.reaped_server(SimpleIMAPHandler) as server:
+            client = self.imap_class("localhost", server.server_address[1],
+                                     ssl_context=ssl_context)
+            client.shutdown()
+
 
 class RemoteIMAPTest(unittest.TestCase):
     host = 'cyrus.andrew.cmu.edu'
@@ -459,11 +500,15 @@ def load_tests(*args):
 
     if support.is_resource_enabled('network'):
         if ssl:
-            global CERTFILE
+            global CERTFILE, CAFILE
             CERTFILE = os.path.join(os.path.dirname(__file__) or os.curdir,
-                                    "keycert.pem")
+                                    "keycert3.pem")
             if not os.path.exists(CERTFILE):
                 raise support.TestFailed("Can't read certificate files!")
+            CAFILE = os.path.join(os.path.dirname(__file__) or os.curdir,
+                                 "pycacert.pem")
+            if not os.path.exists(CAFILE):
+                raise support.TestFailed("Can't read CA file!")
         tests.extend([
             ThreadedNetworkedTests, ThreadedNetworkedTestsSSL,
             RemoteIMAPTest, RemoteIMAP_SSLTest, RemoteIMAP_STARTTLSTest,
@@ -473,5 +518,4 @@ def load_tests(*args):
 
 
 if __name__ == "__main__":
-    support.use_resources = ['network']
     unittest.main()