Add tests for get_verify_mode
diff --git a/OpenSSL/ssl/context.c b/OpenSSL/ssl/context.c
index 98cc01c..c8100b4 100644
--- a/OpenSSL/ssl/context.c
+++ b/OpenSSL/ssl/context.c
@@ -608,8 +608,10 @@
}
static char ssl_Context_load_client_ca_doc[] = "\n\
-Load the trusted certificates that will be sent to the client (basically\n\
-telling the client \"These are the guys I trust\")\n\
+Load the trusted certificates that will be sent to the client (basically\n \
+telling the client \"These are the guys I trust\"). Does not actually\n\
+imply any of the certificates are trusted; that must be configured\n\
+separately.\n\
\n\
@param cafile: The name of the certificates file\n\
@return: None\n\
diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py
index 278fab3..6874c5a 100644
--- a/OpenSSL/test/test_ssl.py
+++ b/OpenSSL/test/test_ssl.py
@@ -739,7 +739,28 @@
# XXX load_client_ca
# XXX set_session_id
- # XXX get_verify
+
+ def test_get_verify_mode_wrong_args(self):
+ """
+ L{Context.get_verify_mode} raises L{TypeError} if called with any
+ arguments.
+ """
+ context = Context(TLSv1_METHOD)
+ self.assertRaises(TypeError, context.get_verify_mode, None)
+
+
+ def test_get_verify_mode(self):
+ """
+ L{Context.get_verify_mode} returns the verify mode flags previously
+ passed to L{Context.set_verify}.
+ """
+ context = Context(TLSv1_METHOD)
+ self.assertEquals(context.get_verify_mode(), 0)
+ context.set_verify(
+ VERIFY_PEER | VERIFY_CLIENT_ONCE, lambda *args: None)
+ self.assertEquals(
+ context.get_verify_mode(), VERIFY_PEER | VERIFY_CLIENT_ONCE)
+
# XXX load_temp_dh
# XXX set_cipher_list