mirror of
https://github.com/python/cpython.git
synced 2025-10-31 05:31:20 +00:00
Bill Janssen wrote:
Here's a patch which makes test_ssl a better player in the buildbots environment. I deep-ended on "try-except-else" clauses.
This commit is contained in:
Guido van Rossum
parent
7fc8e2993a
commit
e472933e27
2 changed files with 87 additions and 43 deletions
|
|
@ -100,12 +100,13 @@ def __init__(self, sock, keyfile=None, certfile=None,
|
||||||
# see if it's connected
|
# see if it's connected
|
||||||
try:
|
try:
|
||||||
socket.getpeername(self)
|
socket.getpeername(self)
|
||||||
# yes
|
except:
|
||||||
|
# no, no connection yet
|
||||||
|
self._sslobj = None
|
||||||
|
else:
|
||||||
|
# yes, create the SSL object
|
||||||
self._sslobj = _ssl.sslwrap(self._sock, 0, keyfile, certfile,
|
self._sslobj = _ssl.sslwrap(self._sock, 0, keyfile, certfile,
|
||||||
cert_reqs, ssl_version, ca_certs)
|
cert_reqs, ssl_version, ca_certs)
|
||||||
except:
|
|
||||||
# no
|
|
||||||
self._sslobj = None
|
|
||||||
self.keyfile = keyfile
|
self.keyfile = keyfile
|
||||||
self.certfile = certfile
|
self.certfile = certfile
|
||||||
self.cert_reqs = cert_reqs
|
self.cert_reqs = cert_reqs
|
||||||
|
|
|
||||||
|
|
@ -91,21 +91,49 @@ class ConnectedTests(unittest.TestCase):
|
||||||
def testTLSecho (self):
|
def testTLSecho (self):
|
||||||
|
|
||||||
s1 = socket.socket()
|
s1 = socket.socket()
|
||||||
|
try:
|
||||||
s1.connect(('127.0.0.1', 10024))
|
s1.connect(('127.0.0.1', 10024))
|
||||||
|
except:
|
||||||
|
sys.stdout.write("connection failure:\n" + string.join(
|
||||||
|
traceback.format_exception(*sys.exc_info())))
|
||||||
|
raise test_support.TestFailed("Can't connect to test server")
|
||||||
|
else:
|
||||||
|
try:
|
||||||
c1 = ssl.sslsocket(s1, ssl_version=ssl.PROTOCOL_TLSv1)
|
c1 = ssl.sslsocket(s1, ssl_version=ssl.PROTOCOL_TLSv1)
|
||||||
|
except:
|
||||||
|
sys.stdout.write("SSL handshake failure:\n" + string.join(
|
||||||
|
traceback.format_exception(*sys.exc_info())))
|
||||||
|
raise test_support.TestFailed("Can't SSL-handshake with test server")
|
||||||
|
else:
|
||||||
|
if not c1:
|
||||||
|
raise test_support.TestFailed("Can't SSL-handshake with test server")
|
||||||
indata = "FOO\n"
|
indata = "FOO\n"
|
||||||
c1.write(indata)
|
c1.write(indata)
|
||||||
outdata = c1.read()
|
outdata = c1.read()
|
||||||
if outdata != indata.lower():
|
if outdata != indata.lower():
|
||||||
sys.stderr.write("bad data <<%s>> received\n" % data)
|
raise test_support.TestFailed("bad data <<%s>> received; expected <<%s>>\n" % (data, indata.lower()))
|
||||||
c1.close()
|
c1.close()
|
||||||
|
|
||||||
def testReadCert(self):
|
def testReadCert(self):
|
||||||
|
|
||||||
s2 = socket.socket()
|
s2 = socket.socket()
|
||||||
|
try:
|
||||||
s2.connect(('127.0.0.1', 10024))
|
s2.connect(('127.0.0.1', 10024))
|
||||||
|
except:
|
||||||
|
sys.stdout.write("connection failure:\n" + string.join(
|
||||||
|
traceback.format_exception(*sys.exc_info())))
|
||||||
|
raise test_support.TestFailed("Can't connect to test server")
|
||||||
|
else:
|
||||||
|
try:
|
||||||
c2 = ssl.sslsocket(s2, ssl_version=ssl.PROTOCOL_TLSv1,
|
c2 = ssl.sslsocket(s2, ssl_version=ssl.PROTOCOL_TLSv1,
|
||||||
cert_reqs=ssl.CERT_REQUIRED, ca_certs=CERTFILE)
|
cert_reqs=ssl.CERT_REQUIRED, ca_certs=CERTFILE)
|
||||||
|
except:
|
||||||
|
sys.stdout.write("SSL handshake failure:\n" + string.join(
|
||||||
|
traceback.format_exception(*sys.exc_info())))
|
||||||
|
raise test_support.TestFailed("Can't SSL-handshake with test server")
|
||||||
|
else:
|
||||||
|
if not c2:
|
||||||
|
raise test_support.TestFailed("Can't SSL-handshake with test server")
|
||||||
cert = c2.getpeercert()
|
cert = c2.getpeercert()
|
||||||
if not cert:
|
if not cert:
|
||||||
raise test_support.TestFailed("Can't get peer certificate.")
|
raise test_support.TestFailed("Can't get peer certificate.")
|
||||||
|
|
@ -138,10 +166,22 @@ def __init__(self, server, connsock):
|
||||||
|
|
||||||
def run (self):
|
def run (self):
|
||||||
self.running = True
|
self.running = True
|
||||||
|
try:
|
||||||
sslconn = ssl.sslsocket(self.sock, server_side=True,
|
sslconn = ssl.sslsocket(self.sock, server_side=True,
|
||||||
certfile=self.server.certificate,
|
certfile=self.server.certificate,
|
||||||
ssl_version=self.server.protocol,
|
ssl_version=self.server.protocol,
|
||||||
cert_reqs=self.server.certreqs)
|
cert_reqs=self.server.certreqs)
|
||||||
|
except:
|
||||||
|
# here, we want to stop the server, because this shouldn't
|
||||||
|
# happen in the context of our test case
|
||||||
|
sys.stdout.write("Test server failure:\n" + string.join(
|
||||||
|
traceback.format_exception(*sys.exc_info())))
|
||||||
|
self.running = False
|
||||||
|
# normally, we'd just stop here, but for the test
|
||||||
|
# harness, we want to stop the server
|
||||||
|
self.server.stop()
|
||||||
|
return
|
||||||
|
|
||||||
while self.running:
|
while self.running:
|
||||||
try:
|
try:
|
||||||
msg = sslconn.read()
|
msg = sslconn.read()
|
||||||
|
|
@ -154,15 +194,18 @@ def run (self):
|
||||||
self.server.stop()
|
self.server.stop()
|
||||||
self.running = False
|
self.running = False
|
||||||
else:
|
else:
|
||||||
# print "server:", msg.strip().lower()
|
sys.stdout.write("\nserver: %s\n" % msg.strip().lower())
|
||||||
sslconn.write(msg.lower())
|
sslconn.write(msg.lower())
|
||||||
except ssl.sslerror:
|
except ssl.sslerror:
|
||||||
sys.stderr.write(string.join(
|
sys.stdout.write("Test server failure:\n" + string.join(
|
||||||
traceback.format_exception(*sys.exc_info())))
|
traceback.format_exception(*sys.exc_info())))
|
||||||
sslconn.close()
|
sslconn.close()
|
||||||
self.running = False
|
self.running = False
|
||||||
|
# normally, we'd just stop here, but for the test
|
||||||
|
# harness, we want to stop the server
|
||||||
|
self.server.stop()
|
||||||
except:
|
except:
|
||||||
sys.stderr.write(string.join(
|
sys.stdout.write(string.join(
|
||||||
traceback.format_exception(*sys.exc_info())))
|
traceback.format_exception(*sys.exc_info())))
|
||||||
|
|
||||||
def __init__(self, port, certificate, ssl_version=None,
|
def __init__(self, port, certificate, ssl_version=None,
|
||||||
|
|
@ -192,20 +235,20 @@ def run (self):
|
||||||
while self.active:
|
while self.active:
|
||||||
try:
|
try:
|
||||||
newconn, connaddr = self.sock.accept()
|
newconn, connaddr = self.sock.accept()
|
||||||
# sys.stderr.write('new connection from ' + str(connaddr))
|
sys.stdout.write('\nserver: new connection from ' + str(connaddr) + '\n')
|
||||||
handler = self.connectionHandler(self, newconn)
|
handler = self.connectionHandler(self, newconn)
|
||||||
handler.start()
|
handler.start()
|
||||||
except socket.timeout:
|
except socket.timeout:
|
||||||
pass
|
pass
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
self.active = False
|
self.stop()
|
||||||
except:
|
except:
|
||||||
sys.stderr.write(string.join(
|
sys.stdout.write("Test server failure:\n" + string.join(
|
||||||
traceback.format_exception(*sys.exc_info())))
|
traceback.format_exception(*sys.exc_info())))
|
||||||
|
|
||||||
def stop (self):
|
def stop (self):
|
||||||
self.active = False
|
self.active = False
|
||||||
|
self.sock.close()
|
||||||
|
|
||||||
CERTFILE_CONFIG_TEMPLATE = """
|
CERTFILE_CONFIG_TEMPLATE = """
|
||||||
# create RSA certs - Server
|
# create RSA certs - Server
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue