[test] Fix `test_load_certifi`

[yt-dlp.git] / test / test_networking_utils.py

diff --git a/test/test_networking_utils.py b/test/test_networking_utils.py
index ef46f79ed0fb4c57c8d778dc14a33124e4a6658d..dbf656090da5484e40b1f9a59d5c4c156124f78d 100644 (file)
--- a/test/test_networking_utils.py
+++ b/test/test_networking_utils.py
@@ -95,17 +95,20 @@ def test_make_socks_proxy_unknown(self):
 
     @pytest.mark.skipif(not certifi, reason='certifi is not installed')
     def test_load_certifi(self):
+        context_certifi = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+        context_certifi.load_verify_locations(cafile=certifi.where())
         context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
-        context2 = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
         ssl_load_certs(context, use_certifi=True)
-        context2.load_verify_locations(cafile=certifi.where())
-        assert context.get_ca_certs() == context2.get_ca_certs()
-
-        # Test load normal certs
-        # XXX: could there be a case where system certs are the same as certifi?
-        context3 = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
-        ssl_load_certs(context3, use_certifi=False)
-        assert context3.get_ca_certs() != context.get_ca_certs()
+        assert context.get_ca_certs() == context_certifi.get_ca_certs()
+
+        context_default = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+        context_default.load_default_certs()
+        context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+        ssl_load_certs(context, use_certifi=False)
+        assert context.get_ca_certs() == context_default.get_ca_certs()
+
+        if context_default.get_ca_certs() == context_certifi.get_ca_certs():
+            pytest.skip('System uses certifi as default. The test is not valid')
 
     @pytest.mark.parametrize('method,status,expected', [
         ('GET', 303, 'GET'),