commit 751b1734205e588bb3a15487b46ac994b5506a99
author Joe Gregorio <jcgregorio@google.com> Thu Jun 23 08:56:59 2011 -0400
committer Joe Gregorio <jcgregorio@google.com> Thu Jun 23 08:56:59 2011 -0400
tree f1c3d68dd1ea47fa32bcb5cfbaf953c37c048306
parent f48303ce1a66b0bf29ce895922adfee4be7045ed

Fix issue with not matching on first host in cert list. Add unit tests.

python2/httplib2/__init__.py

diff --git a/python2/httplib2/__init__.py b/python2/httplib2/__init__.py
index f210130..bbf6f79 100644
--- a/python2/httplib2/__init__.py
+++ b/python2/httplib2/__init__.py
@@ -869,7 +869,7 @@
             host_re = host.replace('.', '\.').replace('*', '[^.]*')
             if re.search('^%s$' % (host_re,), hostname, re.I):
                 return True
-            return False
+        return False
 
     def connect(self):
         "Connect to a host on a given (SSL) port."

python2/httplib2test.py

diff --git a/python2/httplib2test.py b/python2/httplib2test.py
index bb9a32c..2869b6b 100755
--- a/python2/httplib2test.py
+++ b/python2/httplib2test.py
@@ -482,6 +482,14 @@
             self.assertRaises(httplib2.SSLHandshakeError,
                     http.request, "https://www.google.com/", "GET")
 
+    def testSslCertValidationDoubleDots(self):
+        if sys.version_info >= (2, 6):
+            # Test that we get match a double dot cert
+            try:
+              self.http.request("https://1.www.appspot.com/", "GET")
+            except httplib2.CertificateHostnameMismatch:
+              self.fail('cert with *.*.appspot.com should not raise an exception.')
+
     def testSslHostnameValidation(self):
         if sys.version_info >= (2, 6):
             # The SSL server at google.com:443 returns a certificate for