Add a test for bad IDNA in ssl server_hostname (#1997)

See discussion:
  https://github.com/python/cpython/pull/1992#issuecomment-307024778

diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 8dcd3b613dd30895a78a0f6b489450199febccbb..fdaf1c52046f1528638cad1242f3e816a72e1cfd 100644 (file)
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1393,6 +1393,16 @@ class SSLErrorTests(unittest.TestCase):
                 # For compatibility
                 self.assertEqual(cm.exception.errno, ssl.SSL_ERROR_WANT_READ)
 
+    def test_bad_idna_in_server_hostname(self):
+        # Note: this test is testing some code that probably shouldn't exist
+        # in the first place, so if it starts failing at some point because
+        # you made the ssl module stop doing IDNA decoding then please feel
+        # free to remove it. The test was mainly added because this case used
+        # to cause memory corruption (see bpo-30594).
+        ctx = ssl.create_default_context()
+        with self.assertRaises(UnicodeError):
+            ctx.wrap_bio(ssl.MemoryBIO(), ssl.MemoryBIO(),
+                         server_hostname="xn--.com")
 
 class MemoryBIOTests(unittest.TestCase):