Lines Matching +full:libressl +full:- +full:portable
113 (('commonName', 'our-ca-server'),)),
128 SIGNED_CERTFILE_ECC_HOSTNAME = 'localhost-ecc'
138 REMOTE_HOST = "self-signed.pythontest.net"
146 TALOS_INVALID_CRLDP = data_file("talos-2019-0758.pem")
162 # Assume that any references of "ubuntu" implies Ubuntu-like distro
164 with open("/etc/os-release", encoding="utf-8") as f:
198 # auto-negotiate protocols are always available
223 # bpo43791: 3.0.0-alpha14 fails with TLSV1_ALERT_INTERNAL_ERROR
271 return -time.altzone # seconds
272 return -time.timezone
370 # Make sure that the PROTOCOL_* constants have enum-like string
396 self.assertRaises(ValueError, ssl.RAND_bytes, -5)
398 self.assertRaises(ValueError, ssl.RAND_pseudo_bytes, -5)
429 ('http://SVRIntl-G3-aia.verisign.com/SVRIntlG3.cer',))
431 ('http://SVRIntl-G3-crl.verisign.com/SVRIntlG3.crl',))
441 (('countryName', 'UK'),), (('commonName', 'cody-ca'),)),
447 'codenomicon-vm-2.test.lal.cisco.com'),)),
449 ('DNS', 'codenomicon-vm-2.test.lal.cisco.com'),),
464 (('emailAddress', 'python-dev@python.org'),))
512 self.fail("DER-to-PEM didn't include correct header:\n%r\n" % p2)
514 self.fail("DER-to-PEM didn't include correct footer:\n%r\n" % p2)
540 libressl_ver = f"LibreSSL {major:d}"
649 "certfile must be specified for server-side operations",
652 "certfile must be specified for server-side operations",
655 self.assertRaisesRegex(ValueError, "can't connect in server-side mode",
702 # -- Hostname matching --
720 # in left-most segment
728 # NULL bytes are bad, CVE-2013-4073
747 # wildcard doesn't match IDNA prefix 'xn--'
753 cert = {'subject': ((('commonName', 'xn--p*.python.org'),),)}
756 # wildcard in first fragment and IDNA A-labels in sequent fragments
765 # Slightly fake real-world example
778 # A pristine real-world example
790 # -- IPv4 matching --
805 # -- IPv6 matching --
819 # -- Miscellaneous --
907 ss.get_channel_binding("unknown-type")
910 @unittest.skipUnless("tls-unique" in ssl.CHANNEL_BINDING_TYPES,
911 "'tls-unique' channel binding not available")
916 self.assertIsNone(ss.get_channel_binding("tls-unique"))
917 # the same for server-side
920 self.assertIsNone(ss.get_channel_binding("tls-unique"))
998 self.assertRaises(ValueError, ssl._ASN1Object.fromnid, -1)
1072 # case-insensitive
1107 self.skipTest("locale-specific month name needs to be "
1110 # locale-independent
1131 # empty reads and writes now work, bpo-42854, bpo-31711
1153 self.assertRaises(ValueError, ssl.SSLContext, -1)
1181 'AES128-GCM-SHA256',
1182 'ECDHE-ECDSA-AES128-GCM-SHA256',
1183 'ECDHE-RSA-AES128-GCM-SHA256',
1184 'DHE-RSA-AES128-GCM-SHA256',
1185 'AES256-GCM-SHA384',
1186 'ECDHE-ECDSA-AES256-GCM-SHA384',
1187 'ECDHE-RSA-AES256-GCM-SHA384',
1188 'DHE-RSA-AES256-GCM-SHA384',
1337 # The default security callback allows for levels between 0-5
1665 @unittest.skipIf(sys.platform == "win32", "not-Windows specific")
1834 ctx.num_tickets = -1
1937 self.assertEqual(bio.pending, 3-i-1)
1994 # Now if we unwrap one side unilaterally, it should send close-notify
2000 # close-notify:
2004 # And now that the client gets the server's close-notify, it doesn't
2054 # Issue #11326: non-blocking connect_ex() should allow handshake
2067 # Non-blocking handshake
2117 # filename) for this test to be portable across OpenSSL releases.
2158 # Issue #5238: creating a file-like object with makefile() shouldn't
2329 if 'tls-unique' in ssl.CHANNEL_BINDING_TYPES:
2330 self.assertIsNone(sslobj.get_channel_binding('tls-unique'))
2336 if 'tls-unique' in ssl.CHANNEL_BINDING_TYPES:
2337 self.assertTrue(sslobj.get_channel_binding('tls-unique'))
2383 # errno (mimicking the behaviour of non-SSL sockets).
2453 # SSLError - OpenSSL on Ubuntu abruptly closes the
2474 # or a low-level bug. This should be made more discriminating.
2476 # bpo-31323: Store the exception as string to prevent
2477 # a reference leak: server -> conn_errors -> exception
2478 # -> traceback -> self (ConnectionHandler) -> server
2483 # bpo-44229, bpo-43855, bpo-44237, and bpo-33450:
2485 …ee also http://erickt.github.io/blog/2014/11/19/adventures-in-debugging-a-potential-osx-kernel-bug/
2569 elif stripped == b'CB tls-unique':
2571 … sys.stdout.write(" server: read CB tls-unique from client, sending our CB data...\n")
2572 data = self.sslconn.get_channel_binding("tls-unique")
2573 self.write(repr(data).encode("us-ascii") + b"\n")
2580 self.write(repr(e).encode("us-ascii") + b"\n")
2590 self.write(repr(cert).encode("us-ascii") + b"\n")
2879 Try to SSL-connect using *client_protocol* to *server_protocol*.
2893 formatstr = (expect_success and " %s->%s %s\n") or " {%s->%s} %s\n"
3151 cipher = s.cipher()[0].split('-')
3177 cipher = s.cipher()[0].split('-')
3196 'xn--knig-5qa.idn.pythontest.net'),
3197 ('xn--knig-5qa.idn.pythontest.net',
3198 'xn--knig-5qa.idn.pythontest.net'),
3199 (b'xn--knig-5qa.idn.pythontest.net',
3200 'xn--knig-5qa.idn.pythontest.net'),
3203 'xn--knigsgsschen-lcb0w.idna2003.pythontest.net'),
3204 ('xn--knigsgsschen-lcb0w.idna2003.pythontest.net',
3205 'xn--knigsgsschen-lcb0w.idna2003.pythontest.net'),
3206 (b'xn--knigsgsschen-lcb0w.idna2003.pythontest.net',
3207 'xn--knigsgsschen-lcb0w.idna2003.pythontest.net'),
3210 # 'xn--knigsgchen-b4a3dun.idna2008.pythontest.net'),
3211 ('xn--knigsgchen-b4a3dun.idna2008.pythontest.net',
3212 'xn--knigsgchen-b4a3dun.idna2008.pythontest.net'),
3213 (b'xn--knigsgchen-b4a3dun.idna2008.pythontest.net',
3214 'xn--knigsgchen-b4a3dun.idna2008.pythontest.net'),
3259 # the connection, or a low-level connection reset (which
3567 dlen = f.info().get("content-length")
3714 # read(-1, buffer) is supported, even though read(-1) is not
3718 self.assertEqual(s.read(-1, buffer), len(data))
3721 # sendall accepts bytes-like objects
3738 self.assertRaises(ValueError, s.recv, -1)
3739 self.assertRaises(ValueError, s.read, -1)
4013 # Issue #21015: elliptic curve-based Diffie Hellman key exchange
4021 # our default cipher list should prefer ECDH-based ciphers
4029 @unittest.skipUnless("tls-unique" in ssl.CHANNEL_BINDING_TYPES,
4030 "'tls-unique' channel binding not available")
4032 """Test tls-unique channel binding."""
4048 cb_data = s.get_channel_binding("tls-unique")
4061 s.write(b"CB tls-unique\n")
4064 repr(cb_data).encode("us-ascii"))
4071 new_cb_data = s.get_channel_binding("tls-unique")
4084 s.write(b"CB tls-unique\n")
4087 repr(new_cb_data).encode("us-ascii"))
4111 # Check we can get a connection with ephemeral Diffie-Hellman
4122 parts = cipher.split("-")
4124 self.fail("Non-DH cipher: " + cipher[0])
4203 server_result = stats['server_alpn_protocols'][-1] \
4319 "AES256", "AES-256",
4460 # cannot re-use session with a different SSLContext
4516 cert_text = s.recv(4096).decode('us-ascii')
4712 self.assertIn("CN=our-ca-server", repr(ca))
4717 self.assertIn("-----BEGIN CERTIFICATE-----", pem)