Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython3 / fbaf9310965f5ea491b9ed7b1b6e5db4f73e4def^! / . / Lib / test / test_httplib.py
commitfbaf9310965f5ea491b9ed7b1b6e5db4f73e4def[log] [tgz]
authorGeorg Brandl <georg@python.org>Wed Nov 05 20:37:40 2014 +0100
committerGeorg Brandl <georg@python.org>Wed Nov 05 20:37:40 2014 +0100
treef8987923a9e31c5124c096882e6e6fd6ab84c56f
parent50219fcd23490ab65da4ed16b9c79b82d4192858 [diff] [blame]
test_httplib: use self-signed.pythontest.net for verification test with non-root-CA cert

diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py
index 2ded60e..d259fb2 100644
--- a/Lib/test/test_httplib.py
+++ b/Lib/test/test_httplib.py

@@ -15,8 +15,8 @@
 CERT_localhost = os.path.join(here, 'keycert.pem')
 # Self-signed cert file for 'fakehostname'
 CERT_fakehostname = os.path.join(here, 'keycert2.pem')
-# Root cert file (CA) for svn.python.org's cert
-CACERT_svn_python_org = os.path.join(here, 'https_svn_python_org_root.pem')
+# Self-signed cert file for self-signed.pythontest.net
+CERT_selfsigned_pythontestdotnet = os.path.join(here, 'selfsigned_pythontestdotnet.pem')
 
 HOST = support.HOST
 
@@ -772,11 +772,6 @@
         h = client.HTTPSConnection(HOST, TimeoutTest.PORT, timeout=30)
         self.assertEqual(h.timeout, 30)
 
-    def _check_svn_python_org(self, resp):
-        # Just a simple check that everything went fine
-        server_string = resp.getheader('server')
-        self.assertIn('Apache', server_string)
-
     def test_networked(self):
         # Default settings: requires a valid cert from a trusted CA
         import ssl
@@ -810,17 +805,18 @@
             self.assertIn('text/html', content_type)
 
     def test_networked_good_cert(self):
-        # We feed a CA cert that validates the server's cert
+        # We feed the server's cert as a validating cert
         import ssl
         support.requires('network')
-        with support.transient_internet('svn.python.org'):
+        with support.transient_internet('self-signed.pythontest.net'):
             context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
             context.verify_mode = ssl.CERT_REQUIRED
-            context.load_verify_locations(CACERT_svn_python_org)
-            h = client.HTTPSConnection('svn.python.org', 443, context=context)
+            context.load_verify_locations(CERT_selfsigned_pythontestdotnet)
+            h = client.HTTPSConnection('self-signed.pythontest.net', 443, context=context)
             h.request('GET', '/')
             resp = h.getresponse()
-            self._check_svn_python_org(resp)
+            server_string = resp.getheader('server')
+            self.assertIn('nginx', server_string)
 
     def test_networked_bad_cert(self):
         # We feed a "CA" cert that is unrelated to the server's cert