diff options
| author | Christian Heimes <christian@python.org> | 2016-09-06 23:25:35 +0200 | 
|---|---|---|
| committer | Christian Heimes <christian@python.org> | 2016-09-06 23:25:35 +0200 | 
| commit | 1c03abd0262f658fc420d3bef6118e49044b9d8b (patch) | |
| tree | c6abd1260aec6e3b6e02054455fc5f2138724ee8 /Lib/test/test_ssl.py | |
| parent | 03d13c0cbfe912eb0f9b9a02987b9e569f25fe19 (diff) | |
| download | cpython-git-1c03abd0262f658fc420d3bef6118e49044b9d8b.tar.gz | |
Issue #27691: Fix ssl module's parsing of GEN_RID subject alternative name fields in X.509 certs.
Diffstat (limited to 'Lib/test/test_ssl.py')
| -rw-r--r-- | Lib/test/test_ssl.py | 23 | 
1 files changed, 23 insertions, 0 deletions
| diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index 79e26ba45b..0f4faa09bd 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -57,6 +57,8 @@ CRLFILE = data_file("revocation.crl")  SIGNED_CERTFILE = data_file("keycert3.pem")  SIGNED_CERTFILE2 = data_file("keycert4.pem")  SIGNING_CA = data_file("pycacert.pem") +# cert with all kinds of subject alt names +ALLSANFILE = data_file("allsans.pem")  REMOTE_HOST = "self-signed.pythontest.net"  REMOTE_ROOT_CERT = data_file("selfsigned_pythontestdotnet.pem") @@ -279,6 +281,27 @@ class BasicSocketTests(unittest.TestCase):          self.assertEqual(p['subjectAltName'], san) +    def test_parse_all_sans(self): +        p = ssl._ssl._test_decode_cert(ALLSANFILE) +        self.assertEqual(p['subjectAltName'], +            ( +                ('DNS', 'allsans'), +                ('othername', '<unsupported>'), +                ('othername', '<unsupported>'), +                ('email', 'user@example.org'), +                ('DNS', 'www.example.org'), +                ('DirName', +                    ((('countryName', 'XY'),), +                    (('localityName', 'Castle Anthrax'),), +                    (('organizationName', 'Python Software Foundation'),), +                    (('commonName', 'dirname example'),))), +                ('URI', 'https://www.python.org/'), +                ('IP Address', '127.0.0.1'), +                ('IP Address', '0:0:0:0:0:0:0:1\n'), +                ('Registered ID', '1.2.3.4.5') +            ) +        ) +      def test_DER_to_PEM(self):          with open(CAFILE_CACERT, 'r') as f:              pem = f.read() | 
