(self)
| 2174 | s.connect, self.server_addr) |
| 2175 | |
| 2176 | def test_connect_capath(self): |
| 2177 | # Verify server certificates using the `capath` argument |
| 2178 | # NOTE: the subject hashing algorithm has been changed between |
| 2179 | # OpenSSL 0.9.8n and 1.0.0, as a result the capath directory must |
| 2180 | # contain both versions of each certificate (same content, different |
| 2181 | # filename) for this test to be portable across OpenSSL releases. |
| 2182 | ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) |
| 2183 | ctx.load_verify_locations(capath=CAPATH) |
| 2184 | with ctx.wrap_socket(socket.socket(socket.AF_INET), |
| 2185 | server_hostname=SIGNED_CERTFILE_HOSTNAME) as s: |
| 2186 | s.connect(self.server_addr) |
| 2187 | cert = s.getpeercert() |
| 2188 | self.assertTrue(cert) |
| 2189 | |
| 2190 | # Same with a bytes `capath` argument |
| 2191 | ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) |
| 2192 | ctx.load_verify_locations(capath=BYTES_CAPATH) |
| 2193 | with ctx.wrap_socket(socket.socket(socket.AF_INET), |
| 2194 | server_hostname=SIGNED_CERTFILE_HOSTNAME) as s: |
| 2195 | s.connect(self.server_addr) |
| 2196 | cert = s.getpeercert() |
| 2197 | self.assertTrue(cert) |
| 2198 | |
| 2199 | def test_connect_cadata(self): |
| 2200 | with open(SIGNING_CA) as f: |
nothing calls this directly
no test coverage detected