def test_openssl_version_text(self):
"""
This test checks the value of OPENSSL_VERSION_TEXT.
Unfortunately, this define does not appear to have a
formal content definition, so for now we'll test to see
if it starts with OpenSSL or LibreSSL as that appears
to be true for every OpenSSL-alike.
"""
assert (backend.openssl_version_text().startswith("OpenSSL")
or backend.openssl_version_text().startswith("LibreSSL"))
def test_openssl_version_text(self):
"""
This test checks the value of OPENSSL_VERSION_TEXT.
Unfortunately, this define does not appear to have a
formal content definition, so for now we'll test to see
if it starts with OpenSSL or LibreSSL as that appears
to be true for every OpenSSL-alike.
"""
assert backend.openssl_version_text().startswith("OpenSSL") or backend.openssl_version_text().startswith(
"LibreSSL"
)
def test_actual_osrandom_bytes(self, monkeypatch):
skip_if_libre_ssl(backend.openssl_version_text())
sample_data = (b"\x01\x02\x03\x04" * 4)
length = len(sample_data)
def notrandom(size):
assert size == length
return sample_data
monkeypatch.setattr(os, "urandom", notrandom)
buf = backend._ffi.new("char[]", length)
backend._lib.RAND_bytes(buf, length)
assert backend._ffi.buffer(buf)[0:length] == sample_data
def test_actual_osrandom_bytes(self, monkeypatch):
skip_if_libre_ssl(backend.openssl_version_text())
sample_data = (b"\x01\x02\x03\x04" * 4)
length = len(sample_data)
def notrandom(size):
assert size == length
return sample_data
monkeypatch.setattr(os, "urandom", notrandom)
buf = backend._ffi.new("unsigned char[]", length)
backend._lib.RAND_bytes(buf, length)
assert backend._ffi.buffer(buf)[0:length] == sample_data
def main():
"""
Launch tests to check required modules and OS-specific dependencies.
Exit with a relevant error code.
"""
exit_code = 0
try:
import zlib
zlib
except:
sys.stderr.write('"zlib" missing.\n')
exit_code = 1
try:
import _hashlib
_hashlib
except:
sys.stderr.write('standard "ssl" missing.\n')
exit_code = 2
try:
from OpenSSL import SSL, crypto, rand
SSL
crypto
rand
except:
sys.stderr.write('"OpenSSL" missing.\n')
exit_code = 3
try:
import Crypto
Crypto
except:
sys.stderr.write('"PyCrypto" missing.\n')
exit_code = 4
if os.name != 'nt':
# Module only available on Linux / Unix
try:
import crypt
crypt
except:
sys.stderr.write('"crypt" missing.\n')
exit_code = 5
try:
import setproctitle
setproctitle
except:
sys.stderr.write('"setproctitle" missing.\n')
exit_code = 7
try:
from Crypto.PublicKey import _fastmath
_fastmath
except:
sys.stderr.write('"Crypto.PublicKey._fastmath" missing. No GMP?\n')
exit_code = 10
try:
import sqlite3
sqlite3
except:
sys.stderr.write('"sqlite3" missing.\n')
exit_code = 6
try:
from ctypes import CDLL
CDLL
except:
sys.stderr.write('"ctypes - CDLL" missing.\n')
exit_code = 8
try:
from ctypes.util import find_library
find_library
except:
sys.stderr.write('"ctypes.utils - find_library" missing.\n')
exit_code = 9
# Windows specific modules.
if os.name == 'nt':
try:
from ctypes import windll
windll
except:
sys.stderr.write('"ctypes - windll" missing.\n')
exit_code = 1
try:
import sqlite3
sqlite3
except:
sys.stderr.write('"sqlite3" missing.\n')
exit_code = 1
# For now cryptography is only available on Winodws
try:
from cryptography.hazmat.backends.openssl.backend import backend
openssl_version = backend.openssl_version_text()
except:
sys.stderr.write('"cryptography" failure.\n')
exit_code = 3
else:
# Check OpenSSL version.
assert openssl_version == u'OpenSSL 1.0.2d 9 Jul 2015'
else:
# Linux and Unix checks.
try:
import setproctitle
setproctitle
except:
sys.stderr.write('"setproctitle" missing.\n')
exit_code = 1
try:
import crypt
crypt
except:
sys.stderr.write('"crypt" missing.\n')
exit_code = 1
try:
from Crypto.PublicKey import _fastmath
_fastmath
except:
sys.stderr.write('Crypto.PublicKey._fastmath missing. No GMP?\n')
exit_code = 1
if ( platform_system == 'linux' ) or ( platform_system == 'sunos' ):
try:
import spwd
spwd
except:
sys.stderr.write('"spwd" missing.\n')
exit_code = 1
# We compile the readline module using libedit only on selected platforms.
if test_for_readline:
try:
import readline
readline.get_history_length()
except:
sys.stderr.write('"readline" missing.\n')
exit_code = 13
exit_code = test_dependencies() | exit_code
sys.exit(exit_code)
from cryptography.hazmat.backends.openssl.backend import backend print backend.openssl_version_text()
connection_a, connection_b = dummy_connection_pair()
return (DummyIceTransport(connection_a, 'controlling'),
DummyIceTransport(connection_b, 'controlled'))
def dummy_dtls_transport_pair():
ice_a, ice_b = dummy_ice_transport_pair()
dtls_a = RTCDtlsTransport(ice_a, [RTCCertificate.generateCertificate()])
dtls_b = RTCDtlsTransport(ice_b, [RTCCertificate.generateCertificate()])
run(
asyncio.gather(dtls_b.start(dtls_a.getLocalParameters()),
dtls_a.start(dtls_b.getLocalParameters())))
return (dtls_a, dtls_b)
def load(name):
path = os.path.join(os.path.dirname(__file__), name)
with open(path, 'rb') as fp:
return fp.read()
def run(coro):
return asyncio.get_event_loop().run_until_complete(coro)
if os.environ.get('AIORTC_DEBUG'):
logging.basicConfig(level=logging.DEBUG)
if os.environ.get('TRAVIS'):
sys.stderr.write(backend.openssl_version_text() + '\n')
def main():
"""
Launch tests to check required modules and OS-specific dependencies.
Exit with a relevant error code.
"""
exit_code = 0
import sys
print 'python %s' % (sys.version,)
try:
import zlib
print 'zlib %s' % (zlib.__version__,)
except:
sys.stderr.write('"zlib" missing.\n')
exit_code = 1
try:
import _hashlib
import ssl
_hashlib
print 'stdlib ssl %s' % (ssl.OPENSSL_VERSION,)
except:
sys.stderr.write('standard "ssl" missing.\n')
exit_code = 2
# cryptography module and latest pyOpenSSL are only available on
# systems with cffi.
if BUILD_CFFI:
try:
from cryptography.hazmat.backends.openssl.backend import backend
import cryptography
openssl_version = backend.openssl_version_text()
print 'cryptography %s - OpenSSL %s' % (
cryptography.__version__, openssl_version)
if chevah_os == 'windows':
# Check OpenSSL version on windows.
expecting = u'OpenSSL 1.0.2g 1 Mar 2016'
if openssl_version != expecting:
sys.stderr.write('Expecting %s got %s.\n' % (
expecting, openssl_version))
exit_code = 3
except Exception as error:
sys.stderr.write('"cryptography" failure. %s\n' % (error,))
exit_code = 14
try:
from OpenSSL import SSL, crypto, rand, __version__ as pyopenssl_version
crypto
rand
print 'pyopenssl %s - OpenSSL %s' % (
pyopenssl_version,
SSL.SSLeay_version(SSL.SSLEAY_VERSION),
)
except Exception as error:
sys.stderr.write('"OpenSSL" missing. %s\n' % (error,))
exit_code = 3
try:
import Crypto
print 'PyCrypto %s' % (Crypto.__version__,)
except:
sys.stderr.write('"PyCrypto" missing.\n')
exit_code = 4
if os.name != 'nt':
# Module only available on Linux / Unix
try:
import crypt
crypt
except:
sys.stderr.write('"crypt" missing.\n')
exit_code = 5
try:
import setproctitle
setproctitle
except:
sys.stderr.write('"setproctitle" missing.\n')
exit_code = 7
try:
from Crypto.PublicKey import _fastmath
_fastmath
except:
sys.stderr.write('"Crypto.PublicKey._fastmath" missing. No GMP?\n')
exit_code = 10
try:
from ctypes import CDLL
import ctypes
CDLL
print 'ctypes %s' % (ctypes.__version__,)
except:
sys.stderr.write('"ctypes - CDLL" missing. %s\n')
exit_code = 8
try:
from ctypes.util import find_library
find_library
except:
sys.stderr.write('"ctypes.utils - find_library" missing.\n')
exit_code = 9
# Windows specific modules.
if os.name == 'nt':
try:
from ctypes import windll
windll
except:
sys.stderr.write('"ctypes - windll" missing.\n')
exit_code = 1
try:
import sqlite3
sqlite3
except:
sys.stderr.write('"sqlite3" missing.\n')
exit_code = 6
else:
# Linux and Unix checks.
try:
import crypt
crypt
except:
sys.stderr.write('"crypt" missing.\n')
exit_code = 5
try:
import pysqlite2
pysqlite2
except:
sys.stderr.write('"pysqlite2" missing.\n')
exit_code = 6
try:
import setproctitle
print 'setproctitle %s' % (setproctitle.__version__,)
except:
sys.stderr.write('"setproctitle" missing.\n')
exit_code = 7
try:
from Crypto.PublicKey import _fastmath
_fastmath
except:
sys.stderr.write('Crypto.PublicKey._fastmath missing. No GMP?\n')
exit_code = 10
if ( platform_system == 'linux' ) or ( platform_system == 'sunos' ):
try:
import spwd
spwd
except:
sys.stderr.write('"spwd" missing.\n')
exit_code = 1
# We compile the readline module using libedit only on selected platforms.
if test_for_readline:
try:
import readline
readline.get_history_length()
except:
sys.stderr.write('"readline" missing.\n')
exit_code = 13
exit_code = test_dependencies() | exit_code
sys.exit(exit_code)
def lambda_handler(event, context):
print(backend.openssl_version_text())
def main():
"""
Launch tests to check required modules and OS-specific dependencies.
Exit with a relevant error code.
"""
exit_code = 0
import sys
print('python %s' % (sys.version,))
try:
import zlib
except:
sys.stderr.write('"zlib" is missing.\n')
exit_code = 131
else:
print('zlib %s' % (zlib.__version__,))
try:
from ssl import OPENSSL_VERSION
import _hashlib
exit_code = egg_check(_hashlib) | exit_code
except:
sys.stderr.write('standard "ssl" is missing.\n')
exit_code = 132
else:
print('stdlib ssl - %s' % (OPENSSL_VERSION,))
try:
from cryptography.hazmat.backends.openssl.backend import backend
import cryptography
openssl_version = backend.openssl_version_text()
if CHEVAH_OS in [ "win", "macos", "lnx", "rhel-8" ]:
if CHEVAH_OS == "rhel-8":
# On RHEL 8.3, OpenSSL got updated to 1.1.1g. To keep backward
# compatibility, link to version 1.1.1c from CentOS 8.2.2004.
expecting = u'OpenSSL 1.1.1c FIPS 28 May 2019'
else:
# Use latest OpenSSL version when building it from source.
expecting = u'OpenSSL 1.1.1k 25 Mar 2021'
if openssl_version != expecting:
sys.stderr.write('Expecting %s, got %s.\n' % (
expecting, openssl_version))
exit_code = 133
except Exception as error:
sys.stderr.write('"cryptography" failure. %s\n' % (error,))
exit_code = 134
else:
print('cryptography %s - %s' % (
cryptography.__version__, openssl_version))
try:
from ctypes import CDLL
import ctypes
CDLL
except:
sys.stderr.write('"ctypes - CDLL" is missing. %s\n')
exit_code = 138
else:
print('ctypes %s' % (ctypes.__version__,))
try:
from ctypes.util import find_library
find_library
except:
sys.stderr.write('"ctypes.utils - find_library" is missing.\n')
exit_code = 139
try:
import multiprocessing
multiprocessing.current_process()
except:
sys.stderr.write('"multiprocessing" is missing or broken.\n')
exit_code = 140
try:
import subprocess32 as subprocess
dir_output = subprocess.check_output('ls')
except:
sys.stderr.write('"subprocess32" is missing or broken.\n')
exit_code = 145
else:
print('"subprocess32" module is present.')
try:
import bcrypt
password = b"super secret password"
# Hash the password with a randomly-generated salt.
hashed = bcrypt.hashpw(password, bcrypt.gensalt())
# Check that an unhashed password matches hashed one.
if bcrypt.checkpw(password, hashed):
print('bcrypt %s' % (bcrypt.__version__,))
else:
sys.stderr.write('"bcrypt" is present, but broken.\n')
exit_code = 146
except:
sys.stderr.write('"bcrypt" is missing.\n')
exit_code = 147
try:
import bz2
test_string = b"just a random string to quickly test bz2"
test_string_bzipped = bz2.compress(test_string)
if bz2.decompress(test_string_bzipped) == test_string:
print('"bz2" module is present.')
else:
sys.stderr.write('"bzip" is present, but broken.\n')
exit_code = 148
except:
sys.stderr.write('"bz2" is missing.\n')
exit_code = 149
try:
import setproctitle
current_process_title = setproctitle.getproctitle()
except:
sys.stderr.write('"setproctitle" is missing or broken.\n')
exit_code = 150
else:
print('setproctitle %s' % (setproctitle.__version__,))
try:
from sqlite3 import dbapi2 as sqlite
except:
sys.stderr.write('"sqlite3" is missing or broken.\n')
exit_code = 153
else:
print('sqlite3 %s - sqlite %s' % (
sqlite.version, sqlite.sqlite_version))
try:
import psutil
cpu_percent = psutil.cpu_percent()
except:
sys.stderr.write('"psutil" is missing or broken.\n')
exit_code = 160
else:
print('psutil %s' % (psutil.__version__,))
try:
import uuid
uuid.uuid4()
except:
sys.stderr.write('"uuid" is missing or broken.\n')
exit_code = 163
else:
print('"uuid" module is present.')
if os.name == 'nt':
# Windows specific modules.
try:
from ctypes import windll
windll
except:
sys.stderr.write('"ctypes - windll" is missing.\n')
exit_code = 152
else:
print('ctypes %s' % (ctypes.__version__,))
else:
# Linux / Unix stuff.
try:
import crypt
crypt
except:
sys.stderr.write('"crypt" is missing.\n')
exit_code = 155
# Check for the git revision in Python's sys.version on Linux and Unix.
try:
git_rev_cmd = ['git', 'log', '-1', '--no-merges', '--format=%h']
git_rev = subprocess.check_output(git_rev_cmd).strip().decode()
except:
sys.stderr.write("Couldn't get the git rev for the current tree.\n")
exit_code = 157
else:
bin_ver = sys.version.split('(')[1].split(',')[0]
if bin_ver != git_rev:
sys.stderr.write("Python version doesn't match git revision!\n"
"\tBin ver: {0}".format(bin_ver) + "\n"
"\tGit rev: {0}".format(git_rev) + "\n")
exit_code = 158
if platform_system in [ 'linux', 'sunos' ]:
try:
import spwd
spwd
except:
sys.stderr.write('"spwd" is missing, but it should be present.\n')
exit_code = 161
else:
print('"spwd" module is present.')
# The readline module is built using libedit only on selected platforms.
if BUILD_LIBEDIT:
try:
import readline
readline.get_history_length()
except:
sys.stderr.write('"readline" is missing or broken.\n')
exit_code = 162
else:
print('"readline" module is present.')
exit_code = test_dependencies() | exit_code
sys.exit(exit_code)
