[pypy-commit] pypy py3k: kill SSLContext.check_hostname, it's for 3.4 (or modern 2.9) ssl.py. exposing
pjenvey
pypy.commits at gmail.com
Sun May 8 15:00:50 EDT 2016
Author: Philip Jenvey <pjenvey at underboss.org>
Branch: py3k
Changeset: r84307:3be2e22ef987
Date: 2016-05-08 11:59 -0700
http://bitbucket.org/pypy/pypy/changeset/3be2e22ef987/
Log: kill SSLContext.check_hostname, it's for 3.4 (or modern 2.9) ssl.py.
exposing it gives the impression that we provide a 3.4 ssl.py that
uses it to do ssl hostname matching in do_handshake, e.g.:
https://github.com/python/asyncio/blob/309a218/asyncio/selector_even
ts.py#L828
(without this change, this code never matches hostnames!)
diff --git a/pypy/module/_ssl/interp_ssl.py b/pypy/module/_ssl/interp_ssl.py
--- a/pypy/module/_ssl/interp_ssl.py
+++ b/pypy/module/_ssl/interp_ssl.py
@@ -1785,8 +1785,9 @@
SSLContext.descr_set_verify_mode),
verify_flags=GetSetProperty(SSLContext.descr_get_verify_flags,
SSLContext.descr_set_verify_flags),
- check_hostname=GetSetProperty(SSLContext.descr_get_check_hostname,
- SSLContext.descr_set_check_hostname),
+ # XXX: For use by 3.4 ssl.py only
+ #check_hostname=GetSetProperty(SSLContext.descr_get_check_hostname,
+ # SSLContext.descr_set_check_hostname),
)
diff --git a/pypy/module/_ssl/test/test_ssl.py b/pypy/module/_ssl/test/test_ssl.py
--- a/pypy/module/_ssl/test/test_ssl.py
+++ b/pypy/module/_ssl/test/test_ssl.py
@@ -105,7 +105,8 @@
('IP Address', '2001:DB8:0:0:0:0:0:1\n'))
def test_context(self):
- import _ssl
+ import _ssl, sys
+ py33 = sys.version_info[:2] == (3, 3)
s = _ssl._SSLContext(_ssl.PROTOCOL_TLSv1)
raises(ValueError, _ssl._SSLContext, -1)
@@ -115,10 +116,13 @@
assert not s.options & _ssl.OP_NO_SSLv2
raises(TypeError, "s.options = 2.5")
- assert not s.check_hostname
- exc = raises(ValueError, "s.check_hostname = True")
- assert str(exc.value) == "check_hostname needs a SSL context with " \
- "either CERT_OPTIONAL or CERT_REQUIRED"
+ if py33:
+ assert not hasattr(s, 'check_hostname')
+ else:
+ assert not s.check_hostname
+ exc = raises(ValueError, "s.check_hostname = True")
+ assert str(exc.value) == "check_hostname needs a SSL context " \
+ "with either CERT_OPTIONAL or CERT_REQUIRED"
assert s.verify_mode == _ssl.CERT_NONE
s.verify_mode = _ssl.CERT_REQUIRED
@@ -133,12 +137,13 @@
s.verify_flags = _ssl.VERIFY_DEFAULT
assert s.verify_flags == _ssl.VERIFY_DEFAULT
- s.check_hostname = True
- assert s.check_hostname
+ if not py33:
+ s.check_hostname = True
+ assert s.check_hostname
- exc = raises(ValueError, "s.verify_mode = _ssl.CERT_NONE")
- assert str(exc.value) == "Cannot set verify_mode to CERT_NONE " \
- "when check_hostname is enabled."
+ exc = raises(ValueError, "s.verify_mode = _ssl.CERT_NONE")
+ assert str(exc.value) == "Cannot set verify_mode to CERT_NONE " \
+ "when check_hostname is enabled."
def test_set_default_verify_paths(self):
import _ssl
More information about the pypy-commit
mailing list