aioquic
aioquic copied to clipboard
Only load certifi if no alternates have been specified. [#476]
This makes tls.py only load the certifi CA info if no alternate CA configuration has been specified.
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 100.00%. Comparing base (
ae282aa
) to head (1c71326
).
Additional details and impacted files
@@ Coverage Diff @@
## main #479 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 25 25
Lines 4966 4967 +1
=========================================
+ Hits 4966 4967 +1
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
I have tested this by hand and it still has 100% coverage, but there is no unit test specifically that a certificate valid from certifi's POV is NOT valid if a cafile with just a self-signed cert is provided. I haven't come up with a good way to do this yet, as I didn't want to check a real but probably short-lived certificate into the repo, nor did I want to require live Internet.
I have tested this by hand and it still has 100% coverage, but there is no unit test specifically that a certificate valid from certifi's POV is NOT valid if a cafile with just a self-signed cert is provided. I haven't come up with a good way to do this yet, as I didn't want to check a real but probably short-lived certificate into the repo, nor did I want to require live Internet.
Yeah I don't see a good way of testing this, but I'll live with it.
Uhoh, CI failed :
https://github.com/aiortc/aioquic/actions/runs/8225502073/job/22490610307