Commit Graph

2 Commits

Author SHA1 Message Date
Christian Heimes bd5c7d238c
bpo-32602: Test ECDSA certs (#5247)
Add test certs and test for ECDSA cert and EC/RSA dual mode.

I'm also adding certs for IDNA 2003/2008 tests and simplify some test
data handling.

Signed-off-by: Christian Heimes <christian@python.org>
2018-01-20 15:16:30 +01:00
Martin Panter 3840b2ac67 Issue #25940: Use internal local server more in test_ssl
Move many tests from NetworkedTests and NetworkedBIOTests to a new Simple-
BackgroundTests class, using the existing ThreadedEchoServer and SIGNED_
CERTFILE infrastructure.

For tests that cause the server to crash by rejecting its certificate,
separate them into independent test methods.

Added custom root certificate to capath with the following commands:

cp Lib/test/{pycacert.pem,capath/}
# Edit copy to remove part before certificate
c_rehash -v Lib/test/capath/
c_rehash -v -old Lib/test/capath/
# Note the generated file names
cp Lib/test/capath/{pycacert.pem,b1930218.0}
mv Lib/test/capath/{pycacert.pem,ceff1710.0}

Change to pure PEM version of SIGNING_CA because PEM_cert_to_DER_cert() does
not like the extra text at the start.

Moved test_connect_ex_error() into BasicSocketTests and rewrote it to connect
to a reserved localhost port.

NetworkedTests.test_get_server_certificate_ipv6() split out because it needs
to connect to an IPv6 DNS address.

The only reference left to self-signed.pythontest.net is test_timeout_
connect_ex(), which needs a remote server to reliably time out the
connection, but does not rely on the server running SSL.

Made ThreadedEchoServer call unwrap() by default when it sees the client has
shut the connection down, so that the client can cleanly call unwrap().
2016-03-27 01:53:46 +00:00