Merged revisions 80314-80315 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/trunk ........ r80314 | antoine.pitrou | 2010-04-21 21:28:03 +0200 (mer., 21 avril 2010) | 5 lines Issue #8484: Load all ciphers and digest algorithms when initializing the _ssl extension, such that verification of some SSL certificates doesn't fail because of an "unknown algorithm". ........ r80315 | antoine.pitrou | 2010-04-21 21:36:23 +0200 (mer., 21 avril 2010) | 3 lines Forgot to add the sample certificate (followup to r80314) ........
2025-08-31 05:58:33 +00:00 · 2010-04-21 19:46:23 +00:00 · 2010-04-21 19:46:23 +00:00 · fec12fff0f
commit fec12fff0f
parent e7ed1d7f68
5 changed files with 70 additions and 1 deletions
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@ -218,6 +218,26 @@ class NetworkedTests(unittest.TestCase):
        if support.verbose:
            sys.stdout.write("\nVerified certificate for svn.python.org:443 is\n%s\n" % pem)

+    def test_algorithms(self):
+        # Issue #8484: all algorithms should be available when verifying a
+        # certificate.
+        # NOTE: https://sha256.tbs-internet.com is another possible test host
+        remote = ("sha2.hboeck.de", 443)
+        sha256_cert = os.path.join(os.path.dirname(__file__), "sha256.pem")
+        s = ssl.wrap_socket(socket.socket(socket.AF_INET),
+                            cert_reqs=ssl.CERT_REQUIRED,
+                            ca_certs=sha256_cert,)
+        with support.transient_internet():
+            try:
+                s.connect(remote)
+                if support.verbose:
+                    sys.stdout.write("\nCipher with %r is %r\n" %
+                                     (remote, s.cipher()))
+                    sys.stdout.write("Certificate is:\n%s\n" %
+                                     pprint.pformat(s.getpeercert()))
+            finally:
+                s.close()
+

 try:
    import threading