Beispiel #1
0
    def testEnumSetters(self):
        config = TSSLConfig()
        bogus_values = ['', 'bogus', 5, 0]
        for v in bogus_values:
            with self.assertRaises(ValueError):
                config.verify = v

        for v in bogus_values:
            with self.assertRaises(ValueError):
                config.ssl_policy = v
Beispiel #2
0
    def testValidateSSL(self):
        valid, msg = self.server.validateSSLConfig({})
        self.assertFalse(valid)
        self.assertIsNotNone(msg)

        cfg = TSSLConfig()
        valid, msg = self.server.validateSSLConfig(cfg)
        self.assertTrue(valid)
        self.assertIsNone(msg)

        cfg.key_path = 'thrift/test/py/test_cert.pem'
        valid, msg = self.server.validateSSLConfig(cfg)
        self.assertFalse(valid)
        self.assertIsNotNone(msg)

        cfg.key_path = ''
        cfg.cert_path = 'thrift/test/py/test_cert.pem'
        valid, msg = self.server.validateSSLConfig(cfg)
        self.assertFalse(valid)
        self.assertIsNotNone(msg)

        cfg.key_path = cfg.cert_path
        valid, msg = self.server.validateSSLConfig(cfg)
        self.assertTrue(valid)
        self.assertIsNone(msg)

        cfg.client_ca_path = 'thrift/test/should/not/exist.pem'
        valid, msg = self.server.validateSSLConfig(cfg)
        self.assertFalse(valid)
        self.assertIsNotNone(msg)
Beispiel #3
0
 def testDefaults(self):
     config = TSSLConfig()
     self.assertEquals(config.cert_path, '')
     self.assertEquals(config.key_path, '')
     self.assertEquals(config.key_pw_path, '')
     self.assertEquals(config.client_ca_path, '')
     self.assertEquals(config.ecc_curve_name, '')
     self.assertEquals(config.verify, SSLVerifyPeerEnum.VERIFY)
     self.assertEquals(config.ssl_policy, SSLPolicy.PERMITTED)
Beispiel #4
0
 def configureSSL(self):
     config = TSSLConfig()
     self.setupTickets()
     self.assertEquals(config.key_path, "")
     config.ssl_policy = SSLPolicy.REQUIRED
     config.cert_path = 'thrift/test/py/test_cert.pem'
     config.client_verify = SSLVerifyPeerEnum.VERIFY
     config.key_path = None
     config.ticket_file_path = self.ticket_file.name
     # expect an error with a cert_path but no key_path
     with self.assertRaises(ValueError):
         self.server.setSSLConfig(config)
     config.key_path = 'thrift/test/py/test_cert.pem'
     self.server.setSSLConfig(config)
Beispiel #5
0
    def testValidateSSL(self):
        valid, msg = self.server.validateSSLConfig({})
        self.assertFalse(valid)
        self.assertIsNotNone(msg)

        cfg = TSSLConfig()
        valid, msg = self.server.validateSSLConfig(cfg)
        self.assertTrue(valid)
        self.assertIsNone(msg)

        cfg.key_path = 'thrift/test/py/test_cert.pem'
        valid, msg = self.server.validateSSLConfig(cfg)
        self.assertFalse(valid)
        self.assertIsNotNone(msg)

        cfg.key_path = ''
        cfg.cert_path = 'thrift/test/py/test_cert.pem'
        valid, msg = self.server.validateSSLConfig(cfg)
        self.assertFalse(valid)
        self.assertIsNotNone(msg)

        cfg.key_path = cfg.cert_path
        valid, msg = self.server.validateSSLConfig(cfg)
        self.assertTrue(valid)
        self.assertIsNone(msg)

        cfg.client_ca_path = 'thrift/test/should/not/exist.pem'
        valid, msg = self.server.validateSSLConfig(cfg)
        self.assertFalse(valid)
        self.assertIsNotNone(msg)
Beispiel #6
0
 def configureSSL(self):
     config = TSSLConfig()
     self.setupTickets()
     self.assertEquals(config.key_path, "")
     config.ssl_policy = SSLPolicy.REQUIRED
     config.cert_path = 'thrift/test/py/test_cert.pem'
     config.client_verify = SSLVerifyPeerEnum.VERIFY
     config.key_path = None
     config.ticket_file_path = self.ticket_file.name
     # expect an error with a cert_path but no key_path
     with self.assertRaises(ValueError):
         self.server.setSSLConfig(config)
     config.key_path = 'thrift/test/py/test_cert.pem'
     self.server.setSSLConfig(config)