mercurial: tests/test-url.py@00411a4fa1bb (annotated)

12737 7adb1274a4f9 test-url: skip test when ssl module is unavailable Augie Fackler <durin42@gmail.com> parents: 12592 diff changeset	1	import sys
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	2
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	3	def check(a, b):
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	4	if a != b:
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	5	print (a, b)
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	6
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	7	def cert(cn):
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	8	return dict(subject=((('commonName', cn),),))
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	9
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	10	from mercurial.url import _verifycert
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	11
12724 66e7ba85585b test-url: remove trailing whitespace Augie Fackler <durin42@gmail.com> parents: 12606 diff changeset	12	# Test non-wildcard certificates
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	13	check(_verifycert(cert('example.com'), 'example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	14	None)
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	15	check(_verifycert(cert('example.com'), 'www.example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	16	'certificate is for example.com')
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	17	check(_verifycert(cert('www.example.com'), 'example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	18	'certificate is for www.example.com')
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	19
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	20	# Test wildcard certificates
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	21	check(_verifycert(cert('*.example.com'), 'www.example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	22	None)
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	23	check(_verifycert(cert('*.example.com'), 'example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	24	'certificate is for *.example.com')
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	25	check(_verifycert(cert('*.example.com'), 'w.w.example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	26	'certificate is for *.example.com')
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	27
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	28	# Avoid some pitfalls
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	29	check(_verifycert(cert('*.foo'), 'foo'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	30	'certificate is for *.foo')
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	31	check(_verifycert(cert('*o'), 'foo'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	32	'certificate is for *o')
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	33
12742 6ab4a7d3c179 url: validity (notBefore/notAfter) is checked by OpenSSL (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: 12738 diff changeset	34	check(_verifycert({'subject': ()},
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	35	'example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	36	'no commonName found in certificate')
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	37	check(_verifycert(None, 'example.com'),
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	38	'no certificate received')
13248 00411a4fa1bb url: fix UnicodeDecodeError on certificate verification error Yuya Nishihara <yuya@tcha.org> parents: 12865 diff changeset	39
00411a4fa1bb url: fix UnicodeDecodeError on certificate verification error Yuya Nishihara <yuya@tcha.org> parents: 12865 diff changeset	40	# Unicode (IDN) certname isn't supported
00411a4fa1bb url: fix UnicodeDecodeError on certificate verification error Yuya Nishihara <yuya@tcha.org> parents: 12865 diff changeset	41	check(_verifycert(cert(u'\u4f8b.jp'), 'example.jp'),
00411a4fa1bb url: fix UnicodeDecodeError on certificate verification error Yuya Nishihara <yuya@tcha.org> parents: 12865 diff changeset	42	'IDN in certificate not supported')

author	Yuya Nishihara <yuya@tcha.org>
	Sat, 08 Jan 2011 21:52:25 +0900
branch	stable
changeset 13248	00411a4fa1bb
parent 12865	4c50552fc9bc
child 13249	75d0c38a0bca
permissions	-rw-r--r--