(self)
| 2100 | self.assertIn('text/html', content_type) |
| 2101 | |
| 2102 | def test_networked_good_cert(self): |
| 2103 | # We feed the server's cert as a validating cert |
| 2104 | import ssl |
| 2105 | support.requires('network') |
| 2106 | selfsigned_pythontestdotnet = 'self-signed.pythontest.net' |
| 2107 | with socket_helper.transient_internet(selfsigned_pythontestdotnet): |
| 2108 | context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) |
| 2109 | self.assertEqual(context.verify_mode, ssl.CERT_REQUIRED) |
| 2110 | self.assertEqual(context.check_hostname, True) |
| 2111 | context.load_verify_locations(CERT_selfsigned_pythontestdotnet) |
| 2112 | try: |
| 2113 | h = client.HTTPSConnection(selfsigned_pythontestdotnet, 443, |
| 2114 | context=context) |
| 2115 | h.request('GET', '/') |
| 2116 | resp = h.getresponse() |
| 2117 | except ssl.SSLError as ssl_err: |
| 2118 | ssl_err_str = str(ssl_err) |
| 2119 | # In the error message of [SSL: CERTIFICATE_VERIFY_FAILED] on |
| 2120 | # modern Linux distros (Debian Buster, etc) default OpenSSL |
| 2121 | # configurations it'll fail saying "key too weak" until we |
| 2122 | # address https://bugs.python.org/issue36816 to use a proper |
| 2123 | # key size on self-signed.pythontest.net. |
| 2124 | if re.search(r'(?i)key.too.weak', ssl_err_str): |
| 2125 | raise unittest.SkipTest( |
| 2126 | f'Got {ssl_err_str} trying to connect ' |
| 2127 | f'to {selfsigned_pythontestdotnet}. ' |
| 2128 | 'See https://bugs.python.org/issue36816.') |
| 2129 | raise |
| 2130 | server_string = resp.getheader('server') |
| 2131 | resp.close() |
| 2132 | h.close() |
| 2133 | self.assertIn('nginx', server_string) |
| 2134 | |
| 2135 | @support.requires_resource('walltime') |
| 2136 | def test_networked_bad_cert(self): |
nothing calls this directly
no test coverage detected