From: Martin Panter Date: Sat, 30 Jan 2016 02:36:00 +0000 (+0000) Subject: Issue #26173: Fix test_ssl confusion with non-existing cert and wrongcert.pem X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fd8e8504e27ce4b53c0ae6acfd3cf54f67fe98ce;p=python Issue #26173: Fix test_ssl confusion with non-existing cert and wrongcert.pem Testing for a non-existing certificate file is already done in test_errors(). The wrongcert.pem test was originally testing behaviour with a mismatched certificate. --- diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index 05efaba7a3..d283c53771 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -62,7 +62,7 @@ REMOTE_ROOT_CERT = data_file("selfsigned_pythontestdotnet.pem") EMPTYCERT = data_file("nullcert.pem") BADCERT = data_file("badcert.pem") -WRONGCERT = data_file("XXXnonexisting.pem") +NONEXISTINGCERT = data_file("XXXnonexisting.pem") BADKEY = data_file("badkey.pem") NOKIACERT = data_file("nokia.pem") NULLBYTECERT = data_file("nullbytecert.pem") @@ -334,15 +334,17 @@ class BasicSocketTests(unittest.TestCase): s.connect, (HOST, 8080)) with self.assertRaises(IOError) as cm: with closing(socket.socket()) as sock: - ssl.wrap_socket(sock, certfile=WRONGCERT) + ssl.wrap_socket(sock, certfile=NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) with self.assertRaises(IOError) as cm: with closing(socket.socket()) as sock: - ssl.wrap_socket(sock, certfile=CERTFILE, keyfile=WRONGCERT) + ssl.wrap_socket(sock, + certfile=CERTFILE, keyfile=NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) with self.assertRaises(IOError) as cm: with closing(socket.socket()) as sock: - ssl.wrap_socket(sock, certfile=WRONGCERT, keyfile=WRONGCERT) + ssl.wrap_socket(sock, + certfile=NONEXISTINGCERT, keyfile=NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) def test_match_hostname(self): @@ -773,7 +775,7 @@ class ContextTests(unittest.TestCase): ctx.load_cert_chain(CERTFILE, keyfile=CERTFILE) self.assertRaises(TypeError, ctx.load_cert_chain, keyfile=CERTFILE) with self.assertRaises(IOError) as cm: - ctx.load_cert_chain(WRONGCERT) + ctx.load_cert_chain(NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) with self.assertRaisesRegexp(ssl.SSLError, "PEM lib"): ctx.load_cert_chain(BADCERT) @@ -859,7 +861,7 @@ class ContextTests(unittest.TestCase): self.assertRaises(TypeError, ctx.load_verify_locations) self.assertRaises(TypeError, ctx.load_verify_locations, None, None, None) with self.assertRaises(IOError) as cm: - ctx.load_verify_locations(WRONGCERT) + ctx.load_verify_locations(NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) with self.assertRaises(IOError): ctx.load_verify_locations(u'') @@ -937,7 +939,7 @@ class ContextTests(unittest.TestCase): self.assertRaises(TypeError, ctx.load_dh_params) self.assertRaises(TypeError, ctx.load_dh_params, None) with self.assertRaises(IOError) as cm: - ctx.load_dh_params(WRONGCERT) + ctx.load_dh_params(NONEXISTINGCERT) self.assertEqual(cm.exception.errno, errno.ENOENT) with self.assertRaises(ssl.SSLError) as cm: ctx.load_dh_params(CERTFILE) @@ -1893,11 +1895,6 @@ else: except OSError as x: if support.verbose: sys.stdout.write("\nOSError is %s\n" % x.args[1]) - except OSError as x: - if x.errno != errno.ENOENT: - raise - if support.verbose: - sys.stdout.write("\OSError is %s\n" % str(x)) else: raise AssertionError("Use of invalid cert should have failed!") @@ -2147,8 +2144,8 @@ else: """Connecting with a badly formatted certificate (syntax error)""" bad_cert_test(os.path.join(os.path.dirname(__file__) or os.curdir, "badcert.pem")) - def test_nonexisting_cert(self): - """Connecting with a non-existing cert file""" + def test_wrong_cert(self): + """Connecting with a cert file not matching the server""" bad_cert_test(os.path.join(os.path.dirname(__file__) or os.curdir, "wrongcert.pem")) def test_malformed_key(self):