Beispiel #1
0
 def test_match_hostname_ip_address_ipv6_brackets(self) -> None:
     cert: "_TYPE_PEER_CERT_RET_DICT" = {
         "subjectAltName": (("IP Address", "1:2::2:1"), )
     }
     asserted_hostname = "[1:2::2:1]"
     # Assert no error is raised
     _match_hostname(cert, asserted_hostname)
Beispiel #2
0
 def test_match_hostname_more_than_one_dnsname_error(self) -> None:
     cert: "_TYPE_PEER_CERT_RET_DICT" = {
         "subjectAltName": (("DNS", "foo*"), ("DNS", "fo*"))
     }
     asserted_hostname = "bar"
     with pytest.raises(CertificateError, match="doesn't match either of"):
         _match_hostname(cert, asserted_hostname)
Beispiel #3
0
 def test_match_hostname_mismatch(self):
     cert = {'subjectAltName': [('DNS', 'foo')]}
     asserted_hostname = 'bar'
     try:
         with mock.patch('urllib3.connection.log.error') as mock_log:
             _match_hostname(cert, asserted_hostname)
     except CertificateError as e:
         self.assertEqual(str(e), "hostname 'bar' doesn't match 'foo'")
         mock_log.assert_called_once_with(
             'Certificate did not match expected hostname: %s. '
             'Certificate: %s', 'bar', {'subjectAltName': [('DNS', 'foo')]})
         self.assertEqual(e._peer_cert, cert)
Beispiel #4
0
 def test_match_hostname_dns_with_brackets_doesnt_match(self) -> None:
     cert: "_TYPE_PEER_CERT_RET_DICT" = {
         "subjectAltName": (
             ("DNS", "localhost"),
             ("IP Address", "localhost"),
         )
     }
     asserted_hostname = "[localhost]"
     with pytest.raises(CertificateError) as e:
         _match_hostname(cert, asserted_hostname)
     assert (
         "hostname '[localhost]' doesn't match either of 'localhost', 'localhost'"
         in str(e.value))
Beispiel #5
0
 def test_match_hostname_ip_address_ipv6(self) -> None:
     cert = {"subjectAltName": (("IP Address", "1:2::2:1"), )}
     asserted_hostname = "1:2::2:2"
     try:
         with mock.patch("urllib3.connection.log.warning") as mock_log:
             _match_hostname(cert, asserted_hostname)
     except CertificateError as e:
         assert "hostname '1:2::2:2' doesn't match '1:2::2:1'" in str(e)
         mock_log.assert_called_once_with(
             "Certificate did not match expected hostname: %s. Certificate: %s",
             "1:2::2:2",
             {"subjectAltName": (("IP Address", "1:2::2:1"), )},
         )
         assert e._peer_cert == cert
Beispiel #6
0
 def test_match_hostname_mismatch(self):
     cert = {'subjectAltName': [('DNS', 'foo')]}
     asserted_hostname = 'bar'
     try:
         with mock.patch('urllib3.connection.log.error') as mock_log:
             _match_hostname(cert, asserted_hostname)
     except CertificateError as e:
         self.assertEqual(str(e), "hostname 'bar' doesn't match 'foo'")
         mock_log.assert_called_once_with(
             'Certificate did not match expected hostname: %s. '
             'Certificate: %s',
             'bar', {'subjectAltName': [('DNS', 'foo')]}
         )
         self.assertEqual(e._peer_cert, cert)
Beispiel #7
0
 def test_match_hostname_no_dns(self) -> None:
     cert: "_TYPE_PEER_CERT_RET_DICT" = {"subjectAltName": (("DNS", ""), )}
     asserted_hostname = "bar"
     try:
         with mock.patch("urllib3.connection.log.warning") as mock_log:
             _match_hostname(cert, asserted_hostname)
     except CertificateError as e:
         assert "hostname 'bar' doesn't match ''" in str(e)
         mock_log.assert_called_once_with(
             "Certificate did not match expected hostname: %s. Certificate: %s",
             "bar",
             {"subjectAltName": (("DNS", ""), )},
         )
         assert e._peer_cert == cert
Beispiel #8
0
 def test_match_hostname_mismatch(self):
     cert = {"subjectAltName": [("DNS", "foo")]}
     asserted_hostname = "bar"
     try:
         with mock.patch("urllib3.connection.log.warning") as mock_log:
             _match_hostname(cert, asserted_hostname)
     except CertificateError as e:
         assert "hostname 'bar' doesn't match 'foo'" in str(e)
         mock_log.assert_called_once_with(
             "Certificate did not match expected hostname: %s. " "Certificate: %s",
             "bar",
             {"subjectAltName": [("DNS", "foo")]},
         )
         assert e._peer_cert == cert
Beispiel #9
0
 def test_match_hostname_startwith_wildcard(self) -> None:
     cert: "_TYPE_PEER_CERT_RET_DICT" = {"subjectAltName": (("DNS", "*"), )}
     asserted_hostname = "foo"
     _match_hostname(cert, asserted_hostname)
Beispiel #10
0
 def test_match_hostname_match(self):
     cert = {'subjectAltName': [('DNS', 'foo')]}
     asserted_hostname = 'foo'
     _match_hostname(cert, asserted_hostname)
 def test_match_hostname_empty_cert(self):
     cert = {}
     asserted_hostname = 'foo'
     with pytest.raises(ValueError):
         _match_hostname(cert, asserted_hostname)
Beispiel #12
0
 def test_match_hostname_match(self):
     cert = {"subjectAltName": [("DNS", "foo")]}
     asserted_hostname = "foo"
     _match_hostname(cert, asserted_hostname)
Beispiel #13
0
 def test_match_hostname_no_cert(self):
     cert = None
     asserted_hostname = "foo"
     with pytest.raises(ValueError):
         _match_hostname(cert, asserted_hostname)
Beispiel #14
0
 def test_match_hostname_dnsname(self):
     cert = {"subjectAltName": [("DNS", "xn--p1b6ci4b4b3a*.xn--11b5bs8d")]}
     asserted_hostname = "xn--p1b6ci4b4b3a*.xn--11b5bs8d"
     _match_hostname(cert, asserted_hostname)
Beispiel #15
0
 def test_match_hostname_include_wildcard(self) -> None:
     cert: "_TYPE_PEER_CERT_RET_DICT" = {
         "subjectAltName": (("DNS", "foo*"), )
     }
     asserted_hostname = "foobar"
     _match_hostname(cert, asserted_hostname)
Beispiel #16
0
 def test_match_hostname_dnsname(self) -> None:
     cert: "_TYPE_PEER_CERT_RET_DICT" = {
         "subjectAltName": (("DNS", "xn--p1b6ci4b4b3a*.xn--11b5bs8d"), )
     }
     asserted_hostname = "xn--p1b6ci4b4b3a*.xn--11b5bs8d"
     _match_hostname(cert, asserted_hostname)
Beispiel #17
0
 def test_match_hostname_startwith_wildcard(self):
     cert = {"subjectAltName": [("DNS", "*")]}
     asserted_hostname = "foo"
     _match_hostname(cert, asserted_hostname)
Beispiel #18
0
 def test_match_hostname_empty_cert(self) -> None:
     cert: "_TYPE_PEER_CERT_RET_DICT" = {}
     asserted_hostname = "foo"
     with pytest.raises(ValueError):
         _match_hostname(cert, asserted_hostname)
Beispiel #19
0
 def test_match_hostname_include_wildcard(self):
     cert = {"subjectAltName": [("DNS", "foo*")]}
     asserted_hostname = "foobar"
     _match_hostname(cert, asserted_hostname)
Beispiel #20
0
 def test_match_hostname_match(self) -> None:
     cert: _TYPE_PEER_CERT_RET = {"subjectAltName": (("DNS", "foo"), )}
     asserted_hostname = "foo"
     _match_hostname(cert, asserted_hostname)