File: test_pyopenssl.py

package info (click to toggle)
mozjs78 78.15.0-7
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 739,892 kB
  • sloc: javascript: 1,344,214; cpp: 1,215,708; python: 526,544; ansic: 433,835; xml: 118,736; sh: 26,176; asm: 16,664; makefile: 11,537; yacc: 4,486; perl: 2,564; ada: 1,681; lex: 1,414; pascal: 1,139; cs: 879; exp: 499; java: 164; ruby: 68; sql: 45; csh: 35; sed: 18; lisp: 2
file content (98 lines) | stat: -rw-r--r-- 2,743 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
 
# -*- coding: utf-8 -*-
import os

import mock
import pytest

try:
    from urllib3.contrib.pyopenssl import _dnsname_to_stdlib, get_subj_alt_name
    from cryptography import x509
    from OpenSSL.crypto import FILETYPE_PEM, load_certificate
except ImportError:
    pass


def setup_module():
    try:
        from urllib3.contrib.pyopenssl import inject_into_urllib3

        inject_into_urllib3()
    except ImportError as e:
        pytest.skip("Could not import PyOpenSSL: %r" % e)


def teardown_module():
    try:
        from urllib3.contrib.pyopenssl import extract_from_urllib3

        extract_from_urllib3()
    except ImportError:
        pass


from ..with_dummyserver.test_https import (  # noqa: F401
    TestHTTPS,
    TestHTTPS_TLSv1,
    TestHTTPS_TLSv1_1,
    TestHTTPS_TLSv1_2,
    TestHTTPS_TLSv1_3,
    TestHTTPS_IPSAN,
    TestHTTPS_IPv6Addr,
    TestHTTPS_NoSAN,
    TestHTTPS_IPV6SAN,
)
from ..with_dummyserver.test_socketlevel import (  # noqa: F401
    TestSNI,
    TestSocketClosing,
    TestClientCerts,
    TestSSL,
)


class TestPyOpenSSLHelpers(object):
    """
    Tests for PyOpenSSL helper functions.
    """

    def test_dnsname_to_stdlib_simple(self):
        """
        We can convert a dnsname to a native string when the domain is simple.
        """
        name = u"उदाहरण.परीक"
        expected_result = "xn--p1b6ci4b4b3a.xn--11b5bs8d"

        assert _dnsname_to_stdlib(name) == expected_result

    def test_dnsname_to_stdlib_leading_period(self):
        """
        If there is a . in front of the domain name we correctly encode it.
        """
        name = u".उदाहरण.परीक"
        expected_result = ".xn--p1b6ci4b4b3a.xn--11b5bs8d"

        assert _dnsname_to_stdlib(name) == expected_result

    def test_dnsname_to_stdlib_leading_splat(self):
        """
        If there's a wildcard character in the front of the string we handle it
        appropriately.
        """
        name = u"*.उदाहरण.परीक"
        expected_result = "*.xn--p1b6ci4b4b3a.xn--11b5bs8d"

        assert _dnsname_to_stdlib(name) == expected_result

    @mock.patch("urllib3.contrib.pyopenssl.log.warning")
    def test_get_subj_alt_name(self, mock_warning):
        """
        If a certificate has two subject alternative names, cryptography raises
        an x509.DuplicateExtension exception.
        """
        path = os.path.join(os.path.dirname(__file__), "duplicate_san.pem")
        with open(path, "r") as fp:
            cert = load_certificate(FILETYPE_PEM, fp.read())

        assert get_subj_alt_name(cert) == []

        assert mock_warning.call_count == 1
        assert isinstance(mock_warning.call_args[0][1], x509.DuplicateExtension)