##// END OF EJS Templates
sslutil: synchronize hostname matching logic with CPython...
sslutil: synchronize hostname matching logic with CPython sslutil contains its own hostname matching logic. CPython has code for the same intent. However, it is only available to Python 2.7.9+ (or distributions that have backported 2.7.9's ssl module improvements). This patch effectively imports CPython's hostname matching code from its ssl.py into sslutil.py. The hostname matching code itself is pretty similar. However, the DNS name matching code is much more robust and spec conformant. As the test changes show, this changes some behavior around wildcard handling and IDNA matching. The new behavior allows wildcards in the middle of words (e.g. 'f*.com' matches 'foo.com') This is spec compliant according to RFC 6125 Section 6.5.3 item 3. There is one test where the matcher is more strict. Before, '*.a.com' matched '.a.com'. Now it doesn't match. Strictly speaking this is a security vulnerability.

File last commit:

r19846:97896709 stable
r29452:26a5d605 3.8.4 stable
Show More
test-propertycache.py.out
84 lines | 2.2 KiB | text/plain | TextLexer
/ tests / test-propertycache.py.out
=== property cache ===
calllog: []
cached value (unfiltered): NOCACHE
= first access on unfiltered, should do a call
access: 0
calllog: [0]
cached value (unfiltered): 0
= second access on unfiltered, should not do call
access 0
calllog: [0]
cached value (unfiltered): 0
= first access on "visible" view, should do a call
cached value ("visible" view): NOCACHE
access: 7
calllog: [0, 7]
cached value (unfiltered): 0
cached value ("visible" view): 7
= second access on "visible view", should not do call
access: 7
calllog: [0, 7]
cached value (unfiltered): 0
cached value ("visible" view): 7
= no effect on other view
cached value ("immutable" view): NOCACHE
access: 9
calllog: [0, 7, 9]
cached value (unfiltered): 0
cached value ("visible" view): 7
cached value ("immutable" view): 9
=== unfiltered property cache ===
unficalllog: []
cached value (unfiltered): NOCACHE
cached value ("visible" view): NOCACHE
cached value ("immutable" view): NOCACHE
= first access on unfiltered, should do a call
access (unfiltered): 100
unficalllog: [100]
cached value (unfiltered): 100
= second access on unfiltered, should not do call
access (unfiltered): 100
unficalllog: [100]
cached value (unfiltered): 100
= access on view should use the unfiltered cache
access (unfiltered): 100
access ("visible" view): 100
access ("immutable" view): 100
unficalllog: [100]
cached value (unfiltered): 100
cached value ("visible" view): NOCACHE
cached value ("immutable" view): NOCACHE
= even if we clear the unfiltered cache
cached value (unfiltered): NOCACHE
cached value ("visible" view): NOCACHE
cached value ("immutable" view): NOCACHE
unficalllog: [100]
access ("visible" view): 100
unficalllog: [100, 100]
cached value (unfiltered): 100
cached value ("visible" view): NOCACHE
cached value ("immutable" view): NOCACHE
access ("immutable" view): 100
unficalllog: [100, 100]
cached value (unfiltered): 100
cached value ("visible" view): NOCACHE
cached value ("immutable" view): NOCACHE
access (unfiltered): 100
unficalllog: [100, 100]
cached value (unfiltered): 100
cached value ("visible" view): NOCACHE
cached value ("immutable" view): NOCACHE