[New-bugs-announce] [issue22861] [2.7] ssl._dnsname_match() and unicode
STINNER Victor
report at bugs.python.org
Thu Nov 13 13:52:29 CET 2014
New submission from STINNER Victor:
Hi,
I just modified the Trollius project ( http://trollius.readthedocs.org/ ) to support Python 2.7 with the newly backported ssl module. I ran the test suite of the Trollius and some tests are failing because of the exact exception message.
It looks like ssl._dnsname_match() calls repr() on a Unicode string:
elif len(dnsnames) == 1:
raise CertificateError("hostname %r "
"doesn't match %r"
% (hostname, dnsnames[0]))
Well, I don't know if using repr() on an unicode string is really a bug or not.
By the way, Trollius currently pass the hostname as a bytes string, whereas match_hostname() uses Unicode. No error is raised. Is it safe to compare bytes and Unicode to validate a certificate?
dnsname[0] comes from the commonName of the certificate subject.
The certificate used in Trollius test can be found at:
https://bitbucket.org/enovance/trollius/src/d456dd5103b0e2a35ef27fe0d55583b74a8196dd/tests/keycert3.pem?at=trollius
Example of error:
======================================================================
FAIL: test_create_server_ssl_match_failed (test_events.EPollEventLoopTests)
----------------------------------------------------------------------
Traceback (most recent call last):
File "tests/test_events.py", line 951, in test_create_server_ssl_match_failed
self.loop.run_until_complete(f_c)
File "/home/haypo/prog/HG/trollius/trollius/test_utils.py", line 137, in __exit__
expected_regex.pattern, str(exc_value)))
File "/home/haypo/prog/HG/trollius/trollius/test_utils.py", line 75, in _raiseFailure
raise self.test_case.failureException(msg)
AssertionError: "hostname '127.0.0.1' doesn't match 'localhost'" does not match "hostname '127.0.0.1' doesn't match u'localhost'"
----------
messages: 231108
nosy: alex, haypo
priority: normal
severity: normal
status: open
title: [2.7] ssl._dnsname_match() and unicode
versions: Python 2.7
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue22861>
_______________________________________
More information about the New-bugs-announce
mailing list