tests/test-url.py
author Martin Geisler <mg@lazybytes.net>
Mon, 25 Oct 2010 23:46:26 +0200
branchstable
changeset 12842 9905fb060ace
parent 12742 6ab4a7d3c179
child 12865 4c50552fc9bc
permissions -rw-r--r--
lsprof: remove #!-line from non-executable script It triggered an rpmlint error, reported by Neal Becker.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
12592
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
     1
#!/usr/bin/env python
12737
7adb1274a4f9 test-url: skip test when ssl module is unavailable
Augie Fackler <durin42@gmail.com>
parents: 12592
diff changeset
     2
import sys
12592
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
     3
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
     4
def check(a, b):
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
     5
    if a != b:
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
     6
        print (a, b)
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
     7
12606
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
     8
def cert(cn):
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
     9
    return dict(subject=((('commonName', cn),),))
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    10
12592
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
    11
from mercurial.url import _verifycert
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
    12
12724
66e7ba85585b test-url: remove trailing whitespace
Augie Fackler <durin42@gmail.com>
parents: 12606
diff changeset
    13
# Test non-wildcard certificates
12606
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    14
check(_verifycert(cert('example.com'), 'example.com'),
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    15
      None)
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    16
check(_verifycert(cert('example.com'), 'www.example.com'),
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    17
      'certificate is for example.com')
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    18
check(_verifycert(cert('www.example.com'), 'example.com'),
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    19
      'certificate is for www.example.com')
12592
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
    20
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
    21
# Test wildcard certificates
12606
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    22
check(_verifycert(cert('*.example.com'), 'www.example.com'),
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    23
      None)
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    24
check(_verifycert(cert('*.example.com'), 'example.com'),
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    25
      'certificate is for *.example.com')
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    26
check(_verifycert(cert('*.example.com'), 'w.w.example.com'),
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    27
      'certificate is for *.example.com')
12592
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
    28
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
    29
# Avoid some pitfalls
12606
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    30
check(_verifycert(cert('*.foo'), 'foo'),
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    31
      'certificate is for *.foo')
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    32
check(_verifycert(cert('*o'), 'foo'),
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    33
      'certificate is for *o')
12592
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
    34
12742
6ab4a7d3c179 url: validity (notBefore/notAfter) is checked by OpenSSL (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents: 12738
diff changeset
    35
check(_verifycert({'subject': ()},
12606
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    36
                  'example.com'),
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    37
      'no commonName found in certificate')
12592
f2937d6492c5 url: verify correctness of https server certificates (issue2407)
Mads Kiilerich <mads@kiilerich.com>
parents:
diff changeset
    38
check(_verifycert(None, 'example.com'),
12606
5c8353692123 test-url: refactor with shorter lines
Martin Geisler <mg@aragost.com>
parents: 12592
diff changeset
    39
      'no certificate received')