Add a test that verifies the first argument passed to the verify callback. And make it pass.
diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py
index bfe3114..369b1b6 100644
--- a/OpenSSL/test/test_ssl.py
+++ b/OpenSSL/test/test_ssl.py
@@ -277,6 +277,19 @@
write.bio_write(dirty)
+ def _handshakeInMemory(self, client_conn, server_conn):
+ client_conn.set_connect_state()
+ server_conn.set_accept_state()
+
+ for conn in [client_conn, server_conn]:
+ try:
+ conn.do_handshake()
+ except WantReadError:
+ pass
+
+ self._interactInMemory(client_conn, server_conn)
+
+
class VersionTests(TestCase):
"""
@@ -981,6 +994,34 @@
pass
+ def test_set_verify_callback_connection_argument(self):
+ """
+ The first argument passed to the verify callback is the
+ :py:class:`Connection` instance for which verification is taking place.
+ """
+ serverContext = Context(TLSv1_METHOD)
+ serverContext.use_privatekey(
+ load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM))
+ serverContext.use_certificate(
+ load_certificate(FILETYPE_PEM, cleartextCertificatePEM))
+ serverConnection = Connection(serverContext, None)
+
+ class VerifyCallback(object):
+ def callback(self, connection, *args):
+ self.connection = connection
+ return 1
+
+ verify = VerifyCallback()
+ clientContext = Context(TLSv1_METHOD)
+ clientContext.set_verify(VERIFY_PEER, verify.callback)
+ clientConnection = Connection(clientContext, None)
+ clientConnection.set_connect_state()
+
+ self._handshakeInMemory(clientConnection, serverConnection)
+
+ self.assertIdentical(verify.connection, clientConnection)
+
+
def test_set_verify_callback_exception(self):
"""
If the verify callback passed to :py:obj:`Context.set_verify` raises an