From 59fdf0f3ba0469f5ee45eee59cc166411fbe0b75 Mon Sep 17 00:00:00 2001
From: "Nathaniel J. Smith" <njs@pobox.com>
Date: Fri, 9 Jun 2017 02:35:16 -0700
Subject: Add a test for bad IDNA in ssl server_hostname (#1997)

See discussion:
  https://github.com/python/cpython/pull/1992#issuecomment-307024778
---
 Lib/test/test_ssl.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 8dcd3b6..fdaf1c5 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1393,6 +1393,16 @@ class SSLErrorTests(unittest.TestCase):
                 # For compatibility
                 self.assertEqual(cm.exception.errno, ssl.SSL_ERROR_WANT_READ)
 
+    def test_bad_idna_in_server_hostname(self):
+        # Note: this test is testing some code that probably shouldn't exist
+        # in the first place, so if it starts failing at some point because
+        # you made the ssl module stop doing IDNA decoding then please feel
+        # free to remove it. The test was mainly added because this case used
+        # to cause memory corruption (see bpo-30594).
+        ctx = ssl.create_default_context()
+        with self.assertRaises(UnicodeError):
+            ctx.wrap_bio(ssl.MemoryBIO(), ssl.MemoryBIO(),
+                         server_hostname="xn--.com")
 
 class MemoryBIOTests(unittest.TestCase):
 
-- 
cgit v0.12