##// END OF EJS Templates
wireproto: add known([id]) function...
wireproto: add known([id]) function known([Node]) -> [1/0] Returns 1/0 for each node, indicating whether it's known by the server. Needed for new discovery protocols introduced in later patches.

File last commit:

r13249:75d0c38a stable
r13723:e615765f default
Show More
test-url.py
54 lines | 1.7 KiB | text/x-python | PythonLexer
Augie Fackler
test-url: skip test when ssl module is unavailable
r12737 import sys
Mads Kiilerich
url: verify correctness of https server certificates (issue2407)...
r12592
def check(a, b):
if a != b:
print (a, b)
Martin Geisler
test-url: refactor with shorter lines
r12606 def cert(cn):
return dict(subject=((('commonName', cn),),))
Mads Kiilerich
url: verify correctness of https server certificates (issue2407)...
r12592 from mercurial.url import _verifycert
Augie Fackler
test-url: remove trailing whitespace
r12724 # Test non-wildcard certificates
Martin Geisler
test-url: refactor with shorter lines
r12606 check(_verifycert(cert('example.com'), 'example.com'),
None)
check(_verifycert(cert('example.com'), 'www.example.com'),
'certificate is for example.com')
check(_verifycert(cert('www.example.com'), 'example.com'),
'certificate is for www.example.com')
Mads Kiilerich
url: verify correctness of https server certificates (issue2407)...
r12592
# Test wildcard certificates
Martin Geisler
test-url: refactor with shorter lines
r12606 check(_verifycert(cert('*.example.com'), 'www.example.com'),
None)
check(_verifycert(cert('*.example.com'), 'example.com'),
'certificate is for *.example.com')
check(_verifycert(cert('*.example.com'), 'w.w.example.com'),
'certificate is for *.example.com')
Mads Kiilerich
url: verify correctness of https server certificates (issue2407)...
r12592
Yuya Nishihara
url: check subjectAltName when verifying ssl certificate...
r13249 # Test subjectAltName
san_cert = {'subject': ((('commonName', 'example.com'),),),
'subjectAltName': (('DNS', '*.example.net'),
('DNS', 'example.net'))}
check(_verifycert(san_cert, 'example.net'),
None)
check(_verifycert(san_cert, 'foo.example.net'),
None)
# subject is only checked when subjectAltName is empty
check(_verifycert(san_cert, 'example.com'),
'certificate is for *.example.net, example.net')
Mads Kiilerich
url: verify correctness of https server certificates (issue2407)...
r12592 # Avoid some pitfalls
Martin Geisler
test-url: refactor with shorter lines
r12606 check(_verifycert(cert('*.foo'), 'foo'),
'certificate is for *.foo')
check(_verifycert(cert('*o'), 'foo'),
'certificate is for *o')
Mads Kiilerich
url: verify correctness of https server certificates (issue2407)...
r12592
Mads Kiilerich
url: validity (notBefore/notAfter) is checked by OpenSSL (issue2407)...
r12742 check(_verifycert({'subject': ()},
Martin Geisler
test-url: refactor with shorter lines
r12606 'example.com'),
Yuya Nishihara
url: check subjectAltName when verifying ssl certificate...
r13249 'no commonName or subjectAltName found in certificate')
Mads Kiilerich
url: verify correctness of https server certificates (issue2407)...
r12592 check(_verifycert(None, 'example.com'),
Martin Geisler
test-url: refactor with shorter lines
r12606 'no certificate received')
Yuya Nishihara
url: fix UnicodeDecodeError on certificate verification error...
r13248
# Unicode (IDN) certname isn't supported
check(_verifycert(cert(u'\u4f8b.jp'), 'example.jp'),
'IDN in certificate not supported')