def test_ssl_cert_cname_wildcard(self):
"""Test certificate: wildcard CN match."""
cert_file = os.path.join(TEST_VAR_DIR, 'wildcard-certificate.crt')
cert = crypto.load_certificate(crypto.FILETYPE_PEM,
open(cert_file).read())
# The expected cert should have CN=*.pong.example.com
self.assertEqual('*.pong.example.com', cert.get_subject().commonName)
try:
conn = https.VerifiedHTTPSConnection('ping.pong.example.com', 0)
https.do_verify_callback(None, cert, 0, 0, 1, host=conn.host)
except Exception:
self.fail('Unexpected exception.')
def test_ssl_cert_cname(self):
"""
Test certificate: CN match
"""
cert_file = os.path.join(TEST_VAR_DIR, "certificate.crt")
cert = crypto.load_certificate(crypto.FILETYPE_PEM, open(cert_file).read())
# The expected cert should have CN=0.0.0.0
self.assertEqual("0.0.0.0", cert.get_subject().commonName)
try:
conn = https.VerifiedHTTPSConnection("0.0.0.0", 0)
https.do_verify_callback(None, cert, 0, 0, 1, host=conn.host)
except Exception:
self.fail("Unexpected exception.")
def test_ssl_cert_cname_wildcard(self):
"""
Test certificate: wildcard CN match
"""
cert_file = os.path.join(TEST_VAR_DIR, 'wildcard-certificate.crt')
cert = crypto.load_certificate(crypto.FILETYPE_PEM,
open(cert_file).read())
# The expected cert should have CN=*.pong.example.com
self.assertEqual('*.pong.example.com', cert.get_subject().commonName)
try:
conn = https.VerifiedHTTPSConnection('ping.pong.example.com', 0)
https.do_verify_callback(None, cert, 0, 0, 1, host=conn.host)
except Exception:
self.fail('Unexpected exception.')
def test_ssl_cert_subject_alt_name_wildcard(self):
"""
Test certificate: wildcard SAN match
"""
cert_file = os.path.join(TEST_VAR_DIR, 'wildcard-san-certificate.crt')
cert = crypto.load_certificate(crypto.FILETYPE_PEM,
open(cert_file).read())
# The expected cert should have CN=0.0.0.0
self.assertEqual('0.0.0.0', cert.get_subject().commonName)
try:
conn = https.VerifiedHTTPSConnection('alt1.example.com', 0)
https.do_verify_callback(None, cert, 0, 0, 1, host=conn.host)
except Exception:
self.fail('Unexpected exception.')
try:
conn = https.VerifiedHTTPSConnection('alt2.example.com', 0)
https.do_verify_callback(None, cert, 0, 0, 1, host=conn.host)
except Exception:
self.fail('Unexpected exception.')
try:
conn = https.VerifiedHTTPSConnection('alt3.example.net', 0)
https.do_verify_callback(None, cert, 0, 0, 1, host=conn.host)
self.fail('Failed to raise assertion.')
except exc.SSLCertificateError:
pass
def test_ssl_cert_subject_alt_name_wildcard(self):
"""
Test certificate: wildcard SAN match
"""
cert_file = os.path.join(TEST_VAR_DIR, 'wildcard-san-certificate.crt')
cert = crypto.load_certificate(crypto.FILETYPE_PEM,
open(cert_file).read())
# The expected cert should have CN=0.0.0.0
self.assertEqual('0.0.0.0', cert.get_subject().commonName)
try:
conn = https.VerifiedHTTPSConnection('alt1.example.com', 0)
https.do_verify_callback(None, cert, 0, 0, 1, host=conn.host)
except Exception:
self.fail('Unexpected exception.')
try:
conn = https.VerifiedHTTPSConnection('alt2.example.com', 0)
https.do_verify_callback(None, cert, 0, 0, 1, host=conn.host)
except Exception:
self.fail('Unexpected exception.')
try:
conn = https.VerifiedHTTPSConnection('alt3.example.net', 0)
https.do_verify_callback(None, cert, 0, 0, 1, host=conn.host)
self.fail('Failed to raise assertion.')
except exc.SSLCertificateError:
pass
