mercurial: tests/test-url.py@24f16c2c6d41 (annotated)

12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	1	#!/usr/bin/env python
12725 24f16c2c6d41 test-url: skip test when ssl module is unavailable Augie Fackler <durin42@gmail.com> parents: 12724 diff changeset	2	import sys
24f16c2c6d41 test-url: skip test when ssl module is unavailable Augie Fackler <durin42@gmail.com> parents: 12724 diff changeset	3	try:
24f16c2c6d41 test-url: skip test when ssl module is unavailable Augie Fackler <durin42@gmail.com> parents: 12724 diff changeset	4	import ssl
24f16c2c6d41 test-url: skip test when ssl module is unavailable Augie Fackler <durin42@gmail.com> parents: 12724 diff changeset	5	except ImportError:
24f16c2c6d41 test-url: skip test when ssl module is unavailable Augie Fackler <durin42@gmail.com> parents: 12724 diff changeset	6	sys.exit(80)
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	7
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	8	def check(a, b):
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	9	if a != b:
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	10	print (a, b)
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	11
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	12	def cert(cn):
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	13	return dict(subject=((('commonName', cn),),))
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	14
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	15	from mercurial.url import _verifycert
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	16
12724 66e7ba85585b test-url: remove trailing whitespace Augie Fackler <durin42@gmail.com> parents: 12606 diff changeset	17	# Test non-wildcard certificates
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	18	check(_verifycert(cert('example.com'), 'example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	19	None)
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	20	check(_verifycert(cert('example.com'), 'www.example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	21	'certificate is for example.com')
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	22	check(_verifycert(cert('www.example.com'), 'example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	23	'certificate is for www.example.com')
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	24
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	25	# Test wildcard certificates
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	26	check(_verifycert(cert('*.example.com'), 'www.example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	27	None)
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	28	check(_verifycert(cert('*.example.com'), 'example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	29	'certificate is for *.example.com')
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	30	check(_verifycert(cert('*.example.com'), 'w.w.example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	31	'certificate is for *.example.com')
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	32
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	33	# Avoid some pitfalls
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	34	check(_verifycert(cert('*.foo'), 'foo'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	35	'certificate is for *.foo')
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	36	check(_verifycert(cert('*o'), 'foo'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	37	'certificate is for *o')
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	38
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	39	import time
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	40	lastyear = time.gmtime().tm_year - 1
f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	41	nextyear = time.gmtime().tm_year + 1
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	42	check(_verifycert({'notAfter': 'May 9 00:00:00 %s GMT' % lastyear},
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	43	'example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	44	'certificate expired May 9 00:00:00 %s GMT' % lastyear)
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	45	check(_verifycert({'notBefore': 'May 9 00:00:00 %s GMT' % nextyear},
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	46	'example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	47	'certificate not valid before May 9 00:00:00 %s GMT' % nextyear)
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	48	check(_verifycert({'notAfter': 'Sep 29 15:29:48 %s GMT' % nextyear,
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	49	'subject': ()},
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	50	'example.com'),
5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	51	'no commonName found in certificate')
12592 f2937d6492c5 url: verify correctness of https server certificates (issue2407) Mads Kiilerich <mads@kiilerich.com> parents: diff changeset	52	check(_verifycert(None, 'example.com'),
12606 5c8353692123 test-url: refactor with shorter lines Martin Geisler <mg@aragost.com> parents: 12592 diff changeset	53	'no certificate received')

author	Augie Fackler <durin42@gmail.com>
	Tue, 12 Oct 2010 11:02:45 -0500
changeset 12725	24f16c2c6d41
parent 12724	66e7ba85585b
child 12738	e9733f96b38b
permissions	-rw-r--r--