ó ð|ýJc@s~dZddlmZddlmZddlmZddlmZddlm Z ddl m Z m Z m Z mZmZmZddlmZmZmZmZmZmZdd lmZmZmZmZdd lmZmZmZdd lmZm Z m!Z!dd l"m#Z#dd l$m%Z%m&Z&ddl$m'Z'm(Z(m)Z)m*Z*m+Z+yddlm,Z,Wne-k r‡e.Z,nXyddlm/Z/Wne-k rµe.Z/nXyddlm0Z0Wne-k rãe.Z0nXd„Z1de#fd„ƒYZ2de#fd„ƒYZ3de#fd„ƒYZ4de#fd„ƒYZ5d„Z6de#fd„ƒYZ7e8dkrze ƒndS( s Unit tests for L{OpenSSL.SSL}. iÿÿÿÿ(tplatform(tsocket(tmakedirs(tjoin(tmain(tTYPE_RSAt FILETYPE_PEMtPKeytdump_privatekeytload_certificatetload_privatekey(t WantReadErrortContextt ContextTypet ConnectiontConnectionTypetError(t SSLv2_METHODt SSLv3_METHODt SSLv23_METHODt TLSv1_METHOD(t OP_NO_SSLv2t OP_NO_SSLv3tOP_SINGLE_DH_USE(t VERIFY_PEERtVERIFY_FAIL_IF_NO_PEER_CERTtVERIFY_CLIENT_ONCE(tTestCase(tcleartextCertificatePEMtcleartextPrivateKeyPEM(tclient_cert_pemtclient_key_pemtserver_cert_pemtserver_key_pemt root_cert_pem(tOP_NO_QUERY_MTU(tOP_COOKIE_EXCHANGE(t OP_NO_TICKETcCs±tƒ}|jdƒ|jdƒtƒ}|jtƒ|jd|jƒdfƒ|jtƒ|jƒd}|j dƒ|j dƒ|jtƒ|jtƒ||fS(sQ Establish and return a pair of network sockets connected to each other. tiis 127.0.0.1txty(R&i( Rtbindtlistent setblockingtFalset connect_ext getsocknametTruetaccepttsend(tporttclienttserver((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt socket_pair#s          t ContextTestscBs’eZdZd„Zd„Zd„Zd„Zd„Zd„Zd„Z d„Z d „Z e dkrln d „Z d „Zd„Zd„ZRS(s0 Unit tests for L{OpenSSL.SSL.Context}. cCsQx$ttttgD]}t|ƒqW|jttdƒ|jttdƒdS(sŒ L{Context} can be instantiated with one of L{SSLv2_METHOD}, L{SSLv3_METHOD}, L{SSLv23_METHOD}, or L{TLSv1_METHOD}. R&i N(RRRRR t assertRaisest TypeErrort ValueError(tselftmeth((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt test_methodEscCs'|jttƒ|jtdtƒdS(s‡ L{Context} and L{ContextType} refer to the same type object and can be used to create instances of that type. R N(tassertIdenticalR R tassertConsistentTypeR(R:((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt test_typePscCsLtƒ}|jtdƒttƒ}|j|ƒ|jt|jdƒdS(sU L{Context.use_privatekey} takes an L{OpenSSL.crypto.PKey} instance. i€R&N(Rt generate_keyRR Rtuse_privatekeyR7R8(R:tkeytctx((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_use_privatekeyYs    cs tƒ}|jtdƒ|jƒ}t|dƒ}d‰|jtt|dˆƒƒ|jƒg‰‡‡fd†}t t ƒ}|j |ƒ|j |ƒ|j tˆƒdƒ|j tˆddtƒƒ|j tˆddtƒƒ|jˆddd ƒd S( s L{Context.set_passwd_cb} accepts a callable which will be invoked when a private key is loaded from an encrypted PEM. i€twtfoobartblowfishcsˆj|||fƒˆS(N(tappend(tmaxlentverifytextra(t calledWitht passphrase(sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pytpassphraseCallbackrsiiiN(RR@RtmktemptfiletwriteRRtcloseR Rt set_passwd_cbtuse_privatekey_filet assertTruetlent isinstancetintt assertEqualtNone(R:RBtpemFiletfObjRNtcontext((RLRMsH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_set_passwd_cbds       csøtƒ\}}tttƒ|ƒ}|jƒg‰‡fd†}ttƒ}|j|ƒ|jttt ƒƒ|j t tt ƒƒt||ƒ}|j ƒxCˆsæx6||fD](}y|jƒWq·tk rÞq·Xq·Wq¤W|jˆƒdS(sž L{Context.set_info_callback} accepts a callable which will be invoked when certain information about an SSL connection is available. csˆj|||fƒdS(N(RH(tconntwheretret(tcalled(sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pytinfo‰sN(R5RR Rtset_connect_statetset_info_callbacktuse_certificateR RRRAR Rtset_accept_statet do_handshakeR RU(R:R4R3t clientSSLRcR]t serverSSLtssl((RbsH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_set_info_callback~s(       c Gstƒ\}}ttƒ}|j|Œ|jtd„ƒt||ƒ}|jƒttƒ}|jt t t ƒƒ|j t t tƒƒt||ƒ}|jƒxMtdƒD]?}x6||fD](} y| jƒWqÅtk rìqÅXqÅWq²W|jƒ} |j| jƒjdƒdS(NcSs|S(N((R_tcertterrnotdeptht preverify_ok((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt©sisTesting Root CA(R5R Rtload_verify_locationst set_verifyRRRdRfR RRRAR RRgtrangeRhR tget_peer_certificateRYt get_subjecttCN( R:targsR4R3t clientContextRit serverContextRjtiRkRm((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt_load_verify_locations_test s.         cCsC|jƒ}t|dƒ}|jtƒ|jƒ|j|ƒdS(sŠ L{Context.load_verify_locations} accepts a file name and uses the certificates within for verification purposes. REN(RORPRQRRRR|(R:tcafileR\((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_load_verify_fileÆs    cCs,ttƒ}|jt|j|jƒƒdS(sm L{Context.load_verify_locations} raises L{Error} when passed a non-existent cafile. N(R RR7RRrRO(R:Ry((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_load_verify_invalid_fileÓs cCs_|jƒ}t|ƒt|dƒ}t|dƒ}|jtƒ|jƒ|jd|ƒdS(s L{Context.load_verify_locations} accepts a directory name and uses the certificates within for verification purposes. s c7adac82.0REN( RORRRPRQRRRR|RZ(R:tcapathR}R\((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_load_verify_directoryÝs    tdarwintwin32cCs‰ttƒ}|jƒ|jtd„ƒtƒ}|jdƒt||ƒ}|jƒ|j ƒ|j dƒ|j |j dƒƒdS(s¥ L{Context.set_default_verify_paths} causes the platform-specific CA certificate locations to be used for verification purposes. cSs|S(N((R_RmRnRoRp((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyRqss verisign.comi»sGET / HTTP/1.0 iN(s verisign.comi»( R Rtset_default_verify_pathsRsRRtconnectRRdRhR1RUtrecv(R:R]R3Ri((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_set_default_verify_pathsòs        cCsRttƒ}|jt|jdƒ|jt|jdƒ|jt|jdƒdS(sv L{Context.set_default_verify_paths} takes no arguments and raises L{TypeError} if given any. iR&N(R RR7R8R„RZ(R:R]((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt'test_set_default_verify_paths_signatures cCs[ttƒ}|jt|jƒ|jt|jtƒƒ|jt|jtƒtƒƒdS(s½ L{Context.add_extra_chain_cert} raises L{TypeError} if called with other than one argument or if called with an object which is not an instance of L{X509}. N(R RR7R8tadd_extra_chain_certtobject(R:R]((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt&test_add_extra_chain_cert_invalid_certs cCs&ttƒ}|jtttƒƒdS(sv L{Context.add_extra_chain_cert} accepts an L{X509} instance to add to the certificate chain. N(R RR‰R RR(R:R]((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_add_extra_chain_cert%s (sdarwinswin32(t__name__t __module__t__doc__R<R?RDR^RlR|R~RRRR‡RˆR‹RŒ(((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyR6As   " &    tConnectionTestscBseZdZd„ZRS(s3 Unit tests for L{OpenSSL.SSL.Connection}. cCs6|jttƒttƒ}|jtd|dƒdS(s L{Connection} and L{ConnectionType} refer to the same type object and can be used to create instances of that type. RN(R=RRR RR>RZ(R:RC((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyR?5s (RRŽRR?(((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyR1st ErrorTestscBseZdZd„ZRS(s. Unit tests for L{OpenSSL.SSL.Error}. cCs-|jtttƒƒ|jtjdƒdS(s0 L{Error} is an exception type. RN(RUt issubclassRt ExceptionRYR(R:((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyR?Ds(RRŽRR?(((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyR‘@stConstantsTestscBsVeZdZedk r$d„Znedk r<d„Znedk rTd„Z nRS(sð Tests for the values of constants exposed in L{OpenSSL.SSL}. These are values defined by OpenSSL intended only to be used as flags to OpenSSL APIs. The only assertions it seems can be made about them is their values. cCs|jtdƒdS(s The value of L{OpenSSL.SSL.OP_NO_QUERY_MTU} is 0x1000, the value of I{SSL_OP_NO_QUERY_MTU} defined by I{openssl/ssl.h}. iN(RYR#(R:((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_op_no_query_mtuWscCs|jtdƒdS(s£ The value of L{OpenSSL.SSL.OP_COOKIE_EXCHANGE} is 0x2000, the value of I{SSL_OP_COOKIE_EXCHANGE} defined by I{openssl/ssl.h}. i N(RYR$(R:((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_op_cookie_exchangebscCs|jtdƒdS(s— The value of L{OpenSSL.SSL.OP_NO_TICKET} is 0x4000, the value of I{SSL_OP_NO_TICKET} defined by I{openssl/ssl.h}. i@N(RYR%(R:((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_op_no_ticketmsN( RRŽRR#RZR•R$R–R%R—(((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyR”Ms    cCs|S(N((R_RmterrnumRotok((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt verify_cbxstMemoryBIOTestscBsÂeZdZd„Zd„Zd„Zd„Zd„Zd„Zd„Z d„Z d „Z d „Z d „Z d „Zd „Zd„Zd„Zd„Zd„Zd„Zd„Zd„ZRS(sA Tests for L{OpenSSL.SSL.Connection} using a memory BIO. cCs®ttƒ}|jttBtBƒ|jttBt Bt ƒ|j ƒ}|j t ttƒƒ|jtttƒƒ|jƒ|jtttƒƒt||ƒ}|jƒ|S(sc Create a new server-side SSL L{Connection} object wrapped around C{sock}. (R Rt set_optionsRRRRsRRRRštget_cert_storeRAR RR!RfR R tcheck_privatekeytadd_certR"RRg(R:tsockt server_ctxt server_storet server_conn((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt_servers    cCs®ttƒ}|jttBtBƒ|jttBt Bt ƒ|j ƒ}|j t ttƒƒ|jtttƒƒ|jƒ|jtttƒƒt||ƒ}|jƒ|S(sc Create a new client-side SSL L{Connection} object wrapped around C{sock}. (R RRœRRRRsRRRRšRRAR RRRfR RRžRŸR"RRd(R:R t client_ctxt client_storet client_conn((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt_client•s    cCs¿t}x²|rºt}xŸ||f||fgD]…\}}y|jdƒ}Wntk r`n X||fSxEtr²y|jdƒ}Wntk r›PqnXt}|j|ƒqnWq.Wq WdS(s Try to read application bytes from each of the two L{Connection} objects. Copy bytes back and forth between their send/receive buffers for as long as there is anything to copy. When there is nothing more to copy, return C{None}. If one of them actually manages to deliver some application bytes, return a two-tuple of the connection from which the bytes were read and the bytes themselves. iiiNi(R/R,R†R tbio_readt bio_write(R:R§R£twrotetreadRQtbytestdirty((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt _loopback©s"       cCs°|jdƒ}|jdƒ}|j|jƒdƒ|j|jƒdƒ|j|jƒdƒ|j|j||ƒdƒ|j|jƒdƒ|j|jƒdƒ|j|jƒdƒ|j |jƒ|jƒƒ|j |jƒ|jƒƒ|j |jƒ|jƒƒ|j |jƒ|jƒƒd}|j |ƒ|j |j||ƒ||fƒ|j |ddd…ƒ|j |j||ƒ||ddd…fƒdS(s Two L{Connection}s which use memory BIOs can be manually connected by reading from the output of each and writing those bytes to the input of the other and in this way establish a connection and exchange application-level bytes with each other. sOne if by land, two if by sea.Niÿÿÿÿ( R¤RZR¨R=t master_keyt client_randomt server_randomR¯tassertNotIdenticalt assertEqualstassertNotEqualsRQ(R:R£R§timportant_message((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_memoryConnectØs,  c Csútƒ\}}|j|ƒ}|j|ƒ}t}xO|s„t}x<||fD].}y|jƒWqOtk r|t}qOXqOWq6Wd}|j|ƒ|jdƒ}|j ||ƒ|ddd…}|j|ƒ|jdƒ}|j ||ƒdS(s³ Just like L{test_memoryConnect} but with an actual socket. This is primarily to rule out the memory BIO code as the source of any problems encountered while passing data over a L{Connection} (if this test fails, there must be a problem outside the memory BIO code, as no memory BIO is involved here). Even though this isn't a memory BIO test, it's convenient to have it here. s,Help me Obi Wan Kenobi, you're my only hope.iNiÿÿÿÿ( R5R¨R¤R,R/RhR R1R†RY( R:R4R3R§R£t establishedRkR¶tmsg((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_socketConnects&     cCsgttƒ}tƒ}t||ƒ}|jt|jdƒ|jt|jdƒ|jt|jƒdS(s” Test that L{OpenSSL.SSL.bio_read} and L{OpenSSL.SSL.bio_write} don't work on L{OpenSSL.SSL.Connection}() that use sockets. idtfooN( R RRRR7R8R©Rªt bio_shutdown(R:R]R3Ri((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_socketOverridesMemory,s   cCsœ|jdƒ}|jdƒ}|j||ƒd}|jd|ƒ}|j||kƒ|j||ƒ\}}|j||ƒ|jt|ƒ|ƒdS(s  If more bytes than can be written to the memory BIO are passed to L{Connection.send} at once, the number of bytes which were written is returned and that many bytes from the beginning of the input can be read from the other end of the connection. iiR'Ni€( R¤RZR¨R¯R1RUR=R´RV(R:R4R3tsizetsenttreceivertreceived((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_outgoingOverflow9scCsH|jdƒ}|jƒ|jt|jdƒ}|j|jtƒdS(s{ L{Connection.bio_shutdown} signals the end of the data stream from which the L{Connection} reads. iN(R¤RZR¼R7RR†R´t __class__(R:R4te((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt test_shutdownTs cCsÎ|jdƒ}|jdƒ}|j|jƒgƒ|j|jƒgƒ|jƒ}||ƒ}|j|jƒgƒ|j|jƒ|ƒ|j||ƒ|j|jƒ|ƒ|j|jƒ|ƒdS(s Verify the return value of the C{get_client_ca_list} method for server and client connections. @param func: A function which will be called with the server context before the client and server are connected to each other. This function should specify a list of CAs for the server to send to the client and return that same list. The list will be used to verify that C{get_client_ca_list} returns the proper value at various times. N(R¤RZR¨RYtget_client_ca_listt get_contextR¯(R:tfuncR4R3RCtexpected((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt_check_client_ca_listas   cCsXttƒ}|jt|jdƒ|jt|jdgƒ|j|jgƒdƒdS(s L{Context.set_client_ca_list} raises a L{TypeError} if called with a non-list or a list that contains objects other than X509Names. tspamN(R RR7R8tset_client_ca_listR=RZ(R:RC((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_set_client_ca_list_errorsys cCsd„}|j|ƒdS(s If passed an empty list, L{Context.set_client_ca_list} configures the context to send no CA names to the client and, on both the server and client sides, L{Connection.get_client_ca_list} returns an empty list after the connection is set up. cSs|jgƒgS(N(RÌ(RC((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pytno_ca‹s N(RÊ(R:RÎ((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_set_empty_ca_list„s cs;tttƒ}|jƒ‰‡fd†}|j|ƒdS(sK If passed a list containing a single X509Name, L{Context.set_client_ca_list} configures the context to send that CA name to the client and, on both the server and client sides, L{Connection.get_client_ca_list} returns a list containing that X509Name after the connection is set up. cs|jˆgƒˆgS(N(RÌ(RC(tcadesc(sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt single_ca›sN(R RR"RvRÊ(R:tcacertRÑ((RÐsH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_set_one_ca_list‘s csYtttƒ}tttƒ}|jƒ‰|jƒ‰‡‡fd†}|j|ƒdS(sW If passed a list containing multiple X509Name objects, L{Context.set_client_ca_list} configures the context to send those CA names to the client and, on both the server and client sides, L{Connection.get_client_ca_list} returns a list containing those X509Names after the connection is set up. csˆˆg}|j|ƒ|S(N(RÌ(RCtL(tcldesctsedesc(sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt multiple_ca¯s  N(R RR RvRÊ(R:tsecerttclcertR×((RÕRÖsH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_set_multiple_ca_list¡s   cswtttƒ}tttƒ}tttƒ}|jƒ‰|jƒ‰|jƒ‰‡‡‡fd†}|j|ƒdS(s¿ If called multiple times, only the X509Names passed to the final call of L{Context.set_client_ca_list} are used to configure the CA names sent to the client. cs*|jˆˆgƒ|jˆgƒˆgS(N(RÌ(RC(RÐRÕRÖ(sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt changed_caÄsN(R RR"R RvRÊ(R:RÒRØRÙRÛ((RÐRÕRÖsH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_reset_ca_list¶s   csYtttƒ}tttƒ}|jƒ‰|jƒ‰‡‡fd†}|j|ƒdS(sª If the list passed to L{Context.set_client_ca_list} is mutated afterwards, this does not affect the list of CA names sent to the client. cs-ˆg}|jˆgƒ|jˆƒˆgS(N(RÌRH(RCRÔ(RÐRÖ(sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyt mutated_ca×s  N(R RR"R RvRÊ(R:RÒRØRÝ((RÐRÖsH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_mutated_ca_listËs   cCsattƒ}tttƒ}|jt|jƒ|jt|jdƒ|jt|j||ƒdS(s• L{Context.add_client_ca} raises L{TypeError} if called with a non-X509 object or with a number of arguments other than one. RËN(R RR RR"R7R8t add_client_ca(R:RCRÒ((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_add_client_ca_errorsßs  cs>tttƒ‰ˆjƒ‰‡‡fd†}|j|ƒdS(s~ A certificate's subject can be added as a CA to be sent to the client with L{Context.add_client_ca}. cs|jˆƒˆgS(N(Rß(RC(RÒRÐ(sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyRÑòs N(R RR"RvRÊ(R:RÑ((RÒRÐsH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_one_add_client_caës cs_tttƒ‰tttƒ‰ˆjƒ‰ˆjƒ‰‡‡‡‡fd†}|j|ƒdS(s… Multiple CA names can be sent to the client by calling L{Context.add_client_ca} with multiple X509 objects. cs$|jˆƒ|jˆƒˆˆgS(N(Rß(RC(RÒRÐRØRÖ(sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyR×s  N(R RR"R RvRÊ(R:R×((RÒRÐRØRÖsH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_multiple_add_client_caøs   csztttƒ}tttƒ}tttƒ‰|jƒ‰|jƒ‰ˆjƒ‰‡‡‡‡fd†}|j|ƒdS(sÐ A call to L{Context.set_client_ca_list} followed by a call to L{Context.add_client_ca} results in using the CA names from the first call and the CA name from the second call. cs-|jˆˆgƒ|jˆƒˆˆˆgS(N(RÌRß(RC(RÐRÙRÕRÖ(sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pytmixed_set_add_cas N(R RR"R RvRÊ(R:RÒRØRã((RÐRÙRÕRÖsH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_set_and_add_client_ca s   csztttƒ}tttƒ‰tttƒ‰|jƒ‰ˆjƒ‰ˆjƒ}‡‡‡‡fd†}|j|ƒdS(sÐ A call to L{Context.set_client_ca_list} after a call to L{Context.add_client_ca} replaces the CA name specified by the former call with the names specified by the latter cal. cs4|jˆƒ|jˆgƒ|jˆƒˆˆgS(N(RßRÌ(RC(RÐRÙRØRÖ(sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pytset_replaces_add_ca-s  N(R RR"R RvRÊ(R:RÒRÕRå((RÐRÙRØRÖsH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyttest_set_after_add_client_cas   (RRŽRR¤R¨R¯R·RºR½RÂRÅRÊRÍRÏRÓRÚRÜRÞRàRáRâRäRæ(((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pyR›{s*   / + )        t__main__N(9RtsysRRtosRtos.pathRtunittestRtOpenSSL.cryptoRRRRR R t OpenSSL.SSLR R R RRRRRRRRRRRRRtOpenSSL.test.utilRtOpenSSL.test.test_cryptoRRRRR R!R"R#t ImportErrorRZR$R%R5R6RR‘R”RšR›R(((sH/opt/alt/python27/lib64/python2.7/site-packages/OpenSSL/test/test_ssl.pytsF.."(       ð + ÿ¼