summaryrefslogtreecommitdiff
path: root/test/with_dummyserver/test_https.py
Commit message (Collapse)AuthorAgeFilesLines
* Release 1.24.2 (#1564)1.24.2releaseSeth Michael Larson2019-04-171-1/+19
| | | | | | | * Don't load system certificates by default when any other ``ca_certs``, ``ca_certs_dir`` or ``ssl_context`` parameters are specified. * Remove Authorization header regardless of case when redirecting to cross-site. (Issue #1510) * Add support for IPv6 addresses in subjectAltName section of certificates. (Issue #1269)
* Remove more Python 2.6 code (#1430)Quentin Pradet2018-08-241-1/+7
|
* Drop support for Python 2.6 (#1429)Hugo2018-08-231-26/+5
|
* Fix coverage reports after src/urlib3 move (#1425)Quentin Pradet2018-08-161-0/+2
|
* Fix test_client_intermediate and test_client_no_intermediate for macOS (#1423)Quentin Pradet2018-08-141-11/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * test_https: fix intermediate certificates format Fixes #1419 They were generated using this script: import trustme root_ca = trustme.CA.from_pem( 'dummyserver/certs/cacert.pem', 'dummyserver/certs/cacert.key') child_ca = root_ca.create_child_ca() server_cert = child_ca.issue_server_cert('LocalClient') server_cert.private_key_and_cert_chain_pem.write_to_path("server.pem") While modifying trustme 0.4.0 dev to add this from_pem function: @classmethod def from_pem(cls, cert_path, key_path): ca = cls() ca.parent_cert = None with open(cert_path, 'rb') as f: data = f.read() ca._certificate = x509.load_pem_x509_certificate( data, backend=default_backend()) constraints = ca._certificate.extensions.get_extension_for_oid( ExtensionOID.BASIC_CONSTRAINTS) with open(key_path, 'rb') as f: data = f.read() ca._private_key = load_pem_private_key( data, password=None, backend=default_backend()) ca.cert_pem = Blob(ca._certificate.public_bytes(Encoding.PEM)) return ca * test_https: accept different macOS error Fixes #1422
* Revert "Fix test_client_no_intermediate on macOS 10.13+ (#1412)" (#1418)Quentin Pradet2018-08-061-1/+7
| | | | | | | | | | | | | | * Revert "Fix test_client_no_intermediate on macOS 10.13+ (#1412)" This reverts commit 6ef3c06249b7144838b6701c6e9adfa76650ccea. The test was supposed to test a missing intermediate CA, but after that change it was testing a missing root CA. * Stop testing known bad test on macOS 10.13 macOS 10.13 (used by Travis) rejects serial numbers which are more than 36 bytes long, and those tests use certificates with 38 bytes serial numbers.
* Support a servername parameter on HTTPSConnections which overrides the name ↵Ian Haken2018-07-111-0/+17
| | | | used for SNI/hostname verification. (#1397)
* Fix test_client_no_intermediate on macOS 10.13+ (#1412)Quentin Pradet2018-07-101-3/+4
|
* Fix test to not depend on warning orderlars48392018-04-251-8/+1
|
* Perhaps the SecureTransport bugs are worked out?wbond2018-04-151-1/+0
|
* Try to debug Mac Python 2.6 Travis failurewbond2018-04-121-2/+2
|
* Add exception text seen from client cert error with Python 2.6 on Macwbond2018-04-061-1/+2
|
* Adjust tests to not look for warnings when using SecureTransportwbond2018-04-051-5/+10
|
* Use FQDN only for DNS and drop trailing dot for other operationsJesse Shapiro2017-12-141-0/+5
|
* fix up tests and dummyserver /certificate endpointRyan T. Dean2017-08-151-5/+8
| | | | | | | | | | | | * update dummyserver /certificate endpoint to return a json dict of the subject of the client certificate used to connect (needed for py26 compatibility) * update test_client_intermediate to use assertDictEquals to test the returned certificate info from /certificate * update test_client_no_intermediate to call request with retries=False, as certificate authentication failure isn't something that will resolve itself through retries. tests currently pass on py26, py27, py34, py35, and py36 on my mac.
* test/with_dummyserver/test_https.py: addressing code reviewWolfgang Richter2017-08-101-8/+10
| | | | | + Where applicable, using implicit line continuations + Moved certificate serial number constant to a more central location
* test/with_dummyserver/test_https.py: corrected OS X error stringWolfgang Richter2017-08-101-1/+1
|
* test/with_dummyserver/test_https.py: adding error string for Mac platformWolfgang Richter2017-08-101-1/+2
|
* test/with_dummyserver/test_https.py: adding intermediate CA client ↵Wolfgang Richter2017-08-101-0/+25
| | | | certificate tests
* Remove all uses of nose from the codebaseAlex Chan2017-08-091-4/+3
|
* Clean up a few more leaked FDs in testsAlex Chan2017-06-111-0/+1
|
* added test for retrying SSLError on the socket levelBenjamin Wohlwend2017-06-071-6/+7
|
* Ensured that SSLErrors will be retriedBenjamin Wohlwend2017-06-071-18/+32
| | | | | | | Fixes #1112 Test fixes are due to the fact that SSLErrors are now wrapped in a MaxRetryError.
* Remove dead test code -- the test only runs on >=2.7.9Alex Chan2017-06-011-8/+1
| | | | | | This test is decorated with `@onlyPy279OrNewer`, so any code within its body that only runs on versions older than 2.7.9 will never be executed. This patch removes this dead code.
* Add cleanup code to the dummyserver testsAlex Chan2017-05-301-0/+2
| | | | | | | | | | | | Running the tests locally was throwing up a lot of warnings of the form: ResourceWarning: unclosed <ssl.SSLSocket fd=16, family=AddressFamily.AF_INET6, type=SocketKind.SOCK_STREAM, proto=6, laddr=('::1', 61145, 0, 0), raddr=('::1', 61134, 0, 0)> This patch tries to reduce the number of `ResourceWarning`s that are emitted by the `with_dummyserver` tests.
* Merge branch 'master' into secure-transportCory Benfield2017-04-211-0/+5
|\
| * Skip TLS test on Windows py26, fix lint issuesSeth Michael Larson2017-04-011-0/+5
| |
* | Cleanup error messageCory Benfield2017-03-101-2/+3
| |
* | Add support for SecureTransport TLS backendCory Benfield2017-03-061-2/+13
|/
* Skip test_can_validate_ip_san when unsupportedCory Benfield2017-02-151-0/+5
|
* Merge upstreamSeth Michael Larson2017-01-241-6/+4
|\
| * F401 Entity imported but unusedSeth Michael Larson2017-01-231-2/+0
| |
| * E128 Continuation line under-indented for visual indentSeth Michael Larson2017-01-231-2/+3
| |
| * E303 Too many blank linesSeth Michael Larson2017-01-231-1/+0
| |
| * E261 At least two spaces before inline commentSeth Michael Larson2017-01-231-1/+1
| |
* | Add cleanup to pools and managerslars48392017-01-211-0/+31
|/
* test TLSv1 instead of SSLv3Thomas Weißschuh2016-10-281-18/+0
| | | | new systems don't have SSLv3 anymore breaking the tests
* Stop testing our parsing via TLS failure.Cory Benfield2016-10-241-6/+12
| | | | | | This test sucks because it assumes that SSLv3 will be present on the system. There's no guarantee of that. Rewrite the test to test more directly.
* Add a cert with IP SAN and test for it.Cory Benfield2016-07-111-1/+13
|
* A bit more testing.Cory Benfield2016-04-231-0/+26
|
* Basic context unit test.Cory Benfield2016-04-231-0/+26
|
* Document annoying SSL version checks.Cory Benfield2016-04-221-0/+8
|
* Allow for SNI warning in unverified HTTPS.Cory Benfield2016-04-071-2/+7
|
* Remove no-longer accurate test.Cory Benfield2016-04-071-27/+0
| | | | | | | | | | This test no longer applies because we've unified the PyOpenSSL and standard library logic. The standard library does not load the default verify locations: that means, neither does PyOpenSSL anymore. We can reconsider that decision (I quite like the logic used by PyOpenSSL), but right now we're unifying the logic and so this test no longer makes any sense.
* Correctly detect new monkeypatching.Cory Benfield2016-04-071-2/+2
|
* Don't use nonexistent TLS paths.Cory Benfield2016-04-071-1/+1
|
* Add flag to track PyOpenSSL injection.Cory Benfield2016-01-261-5/+5
|
* Mint server certificate with localhost in SANCory Benfield2016-01-261-14/+15
|
* Test fix for #760.Cory Benfield2015-12-151-2/+20
|
* Update tests to account for new warningCory Benfield2015-12-031-2/+8
|
View Lorry Controller Status