mirror of https://github.com/python/cpython
gh-108303: Move all certificates to `Lib/test/certdata/` (#109489)
This commit is contained in:
parent
929cc4e4a0
commit
e57ecf6bbc
|
@ -14,7 +14,7 @@ from test.support import socket_helper
|
|||
here = os.path.dirname(__file__)
|
||||
|
||||
HOST = socket_helper.HOST
|
||||
CERTFILE = os.path.join(here, 'keycert.pem')
|
||||
CERTFILE = os.path.join(here, 'certdata', 'keycert.pem')
|
||||
|
||||
# This one's based on HTTPServer, which is based on socketserver
|
||||
|
||||
|
|
|
@ -36,21 +36,21 @@ from test.support import socket_helper
|
|||
from test.support import threading_helper
|
||||
|
||||
|
||||
def data_file(filename):
|
||||
def data_file(*filename):
|
||||
if hasattr(support, 'TEST_HOME_DIR'):
|
||||
fullname = os.path.join(support.TEST_HOME_DIR, filename)
|
||||
fullname = os.path.join(support.TEST_HOME_DIR, *filename)
|
||||
if os.path.isfile(fullname):
|
||||
return fullname
|
||||
fullname = os.path.join(os.path.dirname(__file__), '..', filename)
|
||||
fullname = os.path.join(os.path.dirname(__file__), '..', *filename)
|
||||
if os.path.isfile(fullname):
|
||||
return fullname
|
||||
raise FileNotFoundError(filename)
|
||||
raise FileNotFoundError(os.path.join(filename))
|
||||
|
||||
|
||||
ONLYCERT = data_file('ssl_cert.pem')
|
||||
ONLYKEY = data_file('ssl_key.pem')
|
||||
SIGNED_CERTFILE = data_file('keycert3.pem')
|
||||
SIGNING_CA = data_file('pycacert.pem')
|
||||
ONLYCERT = data_file('certdata', 'ssl_cert.pem')
|
||||
ONLYKEY = data_file('certdata', 'ssl_key.pem')
|
||||
SIGNED_CERTFILE = data_file('certdata', 'keycert3.pem')
|
||||
SIGNING_CA = data_file('certdata', 'pycacert.pem')
|
||||
PEERCERT = {
|
||||
'OCSP': ('http://testca.pythontest.net/testca/ocsp/',),
|
||||
'caIssuers': ('http://testca.pythontest.net/testca/pycacert.cer',),
|
||||
|
|
|
@ -325,8 +325,8 @@ class DummyFTPServer(asyncore.dispatcher, threading.Thread):
|
|||
|
||||
if ssl is not None:
|
||||
|
||||
CERTFILE = os.path.join(os.path.dirname(__file__), "keycert3.pem")
|
||||
CAFILE = os.path.join(os.path.dirname(__file__), "pycacert.pem")
|
||||
CERTFILE = os.path.join(os.path.dirname(__file__), "certdata", "keycert3.pem")
|
||||
CAFILE = os.path.join(os.path.dirname(__file__), "certdata", "pycacert.pem")
|
||||
|
||||
class SSLConnection(asyncore.dispatcher):
|
||||
"""An asyncore.dispatcher subclass supporting TLS/SSL."""
|
||||
|
|
|
@ -21,11 +21,13 @@ support.requires_working_socket(module=True)
|
|||
|
||||
here = os.path.dirname(__file__)
|
||||
# Self-signed cert file for 'localhost'
|
||||
CERT_localhost = os.path.join(here, 'keycert.pem')
|
||||
CERT_localhost = os.path.join(here, 'certdata', 'keycert.pem')
|
||||
# Self-signed cert file for 'fakehostname'
|
||||
CERT_fakehostname = os.path.join(here, 'keycert2.pem')
|
||||
CERT_fakehostname = os.path.join(here, 'certdata', 'keycert2.pem')
|
||||
# Self-signed cert file for self-signed.pythontest.net
|
||||
CERT_selfsigned_pythontestdotnet = os.path.join(here, 'selfsigned_pythontestdotnet.pem')
|
||||
CERT_selfsigned_pythontestdotnet = os.path.join(
|
||||
here, 'certdata', 'selfsigned_pythontestdotnet.pem',
|
||||
)
|
||||
|
||||
# constants for testing chunked encoding
|
||||
chunked_start = (
|
||||
|
|
|
@ -23,8 +23,8 @@ except ImportError:
|
|||
|
||||
support.requires_working_socket(module=True)
|
||||
|
||||
CERTFILE = os.path.join(os.path.dirname(__file__) or os.curdir, "keycert3.pem")
|
||||
CAFILE = os.path.join(os.path.dirname(__file__) or os.curdir, "pycacert.pem")
|
||||
CERTFILE = os.path.join(os.path.dirname(__file__) or os.curdir, "certdata", "keycert3.pem")
|
||||
CAFILE = os.path.join(os.path.dirname(__file__) or os.curdir, "certdata", "pycacert.pem")
|
||||
|
||||
|
||||
class TestImaplib(unittest.TestCase):
|
||||
|
|
|
@ -2170,7 +2170,7 @@ class HTTPHandlerTest(BaseTest):
|
|||
sslctx = None
|
||||
else:
|
||||
here = os.path.dirname(__file__)
|
||||
localhost_cert = os.path.join(here, "keycert.pem")
|
||||
localhost_cert = os.path.join(here, "certdata", "keycert.pem")
|
||||
sslctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
|
||||
sslctx.load_cert_chain(localhost_cert)
|
||||
|
||||
|
|
|
@ -29,8 +29,8 @@ if hasattr(poplib, 'POP3_SSL'):
|
|||
import ssl
|
||||
|
||||
SUPPORTS_SSL = True
|
||||
CERTFILE = os.path.join(os.path.dirname(__file__) or os.curdir, "keycert3.pem")
|
||||
CAFILE = os.path.join(os.path.dirname(__file__) or os.curdir, "pycacert.pem")
|
||||
CERTFILE = os.path.join(os.path.dirname(__file__) or os.curdir, "certdata", "keycert3.pem")
|
||||
CAFILE = os.path.join(os.path.dirname(__file__) or os.curdir, "certdata", "pycacert.pem")
|
||||
|
||||
requires_ssl = skipUnless(SUPPORTS_SSL, 'SSL not supported')
|
||||
|
||||
|
|
|
@ -60,10 +60,10 @@ for proto, ver in (
|
|||
PROTOCOL_TO_TLS_VERSION[proto] = ver
|
||||
|
||||
def data_file(*name):
|
||||
return os.path.join(os.path.dirname(__file__), *name)
|
||||
return os.path.join(os.path.dirname(__file__), "certdata", *name)
|
||||
|
||||
# The custom key and certificate files used in test_ssl are generated
|
||||
# using Lib/test/make_ssl_certs.py.
|
||||
# using Lib/test/certdata/make_ssl_certs.py.
|
||||
# Other certificates are simply fetched from the internet servers they
|
||||
# are meant to authenticate.
|
||||
|
||||
|
@ -641,7 +641,7 @@ class BasicSocketTests(unittest.TestCase):
|
|||
def bad_cert_test(self, certfile):
|
||||
"""Check that trying to use the given client certificate fails"""
|
||||
certfile = os.path.join(os.path.dirname(__file__) or os.curdir,
|
||||
certfile)
|
||||
"certdata", certfile)
|
||||
sock = socket.socket()
|
||||
self.addCleanup(sock.close)
|
||||
with self.assertRaises(ssl.SSLError):
|
||||
|
@ -3309,12 +3309,12 @@ class ThreadedTests(unittest.TestCase):
|
|||
# try to connect
|
||||
if support.verbose:
|
||||
sys.stdout.write('\n')
|
||||
with open(CERTFILE, 'rb') as f:
|
||||
# Get this test file itself:
|
||||
with open(__file__, 'rb') as f:
|
||||
d1 = f.read()
|
||||
d2 = ''
|
||||
# now fetch the same data from the HTTPS server
|
||||
url = 'https://localhost:%d/%s' % (
|
||||
server.port, os.path.split(CERTFILE)[1])
|
||||
url = f'https://localhost:{server.port}/test_ssl.py'
|
||||
context = ssl.create_default_context(cafile=SIGNING_CA)
|
||||
f = urllib.request.urlopen(url, context=context)
|
||||
try:
|
||||
|
|
|
@ -21,9 +21,9 @@ support.requires_working_socket(module=True)
|
|||
|
||||
here = os.path.dirname(__file__)
|
||||
# Self-signed cert file for 'localhost'
|
||||
CERT_localhost = os.path.join(here, 'keycert.pem')
|
||||
CERT_localhost = os.path.join(here, 'certdata', 'keycert.pem')
|
||||
# Self-signed cert file for 'fakehostname'
|
||||
CERT_fakehostname = os.path.join(here, 'keycert2.pem')
|
||||
CERT_fakehostname = os.path.join(here, 'certdata', 'keycert2.pem')
|
||||
|
||||
|
||||
# Loopback http server infrastructure
|
||||
|
|
|
@ -2141,7 +2141,8 @@ LIBSUBDIRS= asyncio \
|
|||
TESTSUBDIRS= idlelib/idle_test \
|
||||
test \
|
||||
test/audiodata \
|
||||
test/capath \
|
||||
test/certdata \
|
||||
test/certdata/capath \
|
||||
test/cjkencodings \
|
||||
test/crashers \
|
||||
test/data \
|
||||
|
|
Loading…
Reference in New Issue