class TestHTTPS_TLSv1(HTTPSDummyServerTestCase):
certs = DEFAULT_CERTS.copy()
certs['ssl_version'] = ssl.PROTOCOL_TLSv1
def setUp(self):
self._pool = HTTPSConnectionPool(self.host, self.port)
self.addCleanup(self._pool.close)
@onlyPy27OrNewerOrNonWindows
def test_discards_connection_on_sslerror(self):
# This test is skipped on Windows for Python 2.6 because we suspect there
# is an issue with the OpenSSL for Python 2.6 on Windows.
pool = HTTPSConnectionPool(self.host,
self.port,
cert_reqs='CERT_REQUIRED')
with self.assertRaises(MaxRetryError) as cm:
pool.request('GET', '/', retries=0)
self.assertIsInstance(cm.exception.reason, SSLError)
pool = HTTPSConnectionPool(self.host,
self.port,
cert_reqs='CERT_REQUIRED',
ca_certs=DEFAULT_CA)
pool.request('GET', '/')
def test_set_cert_default_cert_required(self):
pool = HTTPSConnectionPool(self.host, self.port, ca_certs=DEFAULT_CA)
self.assertEqual(pool.ssl_context.verify_mode, ssl.CERT_REQUIRED)
class TestHTTPS_TLSv1(HTTPSDummyServerTestCase):
certs = DEFAULT_CERTS.copy()
certs['ssl_version'] = ssl.PROTOCOL_TLSv1
def setUp(self):
self._pool = HTTPSConnectionPool(self.host, self.port)
def test_set_ssl_version_to_sslv3(self):
self._pool.ssl_version = ssl.PROTOCOL_SSLv3
self.assertRaises(SSLError, self._pool.request, 'GET', '/')
def test_ssl_version_as_string(self):
self._pool.ssl_version = 'PROTOCOL_SSLv3'
self.assertRaises(SSLError, self._pool.request, 'GET', '/')
def test_ssl_version_as_short_string(self):
self._pool.ssl_version = 'SSLv3'
self.assertRaises(SSLError, self._pool.request, 'GET', '/')
def test_discards_connection_on_sslerror(self):
self._pool.cert_reqs = 'CERT_REQUIRED'
self.assertRaises(SSLError, self._pool.request, 'GET', '/')
self._pool.ca_certs = DEFAULT_CA
self._pool.request('GET', '/')
def test_set_cert_default_cert_required(self):
conn = VerifiedHTTPSConnection(self.host, self.port)
conn.set_cert(ca_certs='/etc/ssl/certs/custom.pem')
self.assertEqual(conn.cert_reqs, 'CERT_REQUIRED')
class TestHTTPS_TLSv1(HTTPSDummyServerTestCase):
certs = DEFAULT_CERTS.copy()
certs['ssl_version'] = ssl.PROTOCOL_TLSv1
def setUp(self):
self._pool = HTTPSConnectionPool(self.host, self.port)
def test_set_ssl_version_to_sslv3(self):
self._pool.ssl_version = ssl.PROTOCOL_SSLv3
self.assertRaises(SSLError, self._pool.request, 'GET', '/')
def test_ssl_version_as_string(self):
self._pool.ssl_version = 'PROTOCOL_SSLv3'
self.assertRaises(SSLError, self._pool.request, 'GET', '/')
def test_ssl_version_as_short_string(self):
self._pool.ssl_version = 'SSLv3'
self.assertRaises(SSLError, self._pool.request, 'GET', '/')
class TestHTTPS_TLSv1(HTTPSDummyServerTestCase):
certs = DEFAULT_CERTS.copy()
certs['ssl_version'] = ssl.PROTOCOL_TLSv1
def setUp(self):
self._pool = HTTPSConnectionPool(self.host, self.port)
self.addCleanup(self._pool.close)
def test_discards_connection_on_sslerror(self):
self._pool.cert_reqs = 'CERT_REQUIRED'
self.assertRaises(SSLError, self._pool.request, 'GET', '/')
self._pool.ca_certs = DEFAULT_CA
self._pool.request('GET', '/')
def test_set_cert_default_cert_required(self):
conn = VerifiedHTTPSConnection(self.host, self.port)
conn.set_cert(ca_certs=DEFAULT_CA)
self.assertEqual(conn.cert_reqs, 'CERT_REQUIRED')
class TestHTTPS_TLSv1(HTTPSDummyServerTestCase):
certs = DEFAULT_CERTS.copy()
certs['ssl_version'] = ssl.PROTOCOL_TLSv1
def setUp(self):
self._pool = HTTPSConnectionPool(self.host, self.port)
self.addCleanup(self._pool.close)
def test_discards_connection_on_sslerror(self):
self._pool.cert_reqs = 'CERT_REQUIRED'
with self.assertRaises(MaxRetryError) as cm:
self._pool.request('GET', '/', retries=0)
self.assertIsInstance(cm.exception.reason, SSLError)
self._pool.ca_certs = DEFAULT_CA
self._pool.request('GET', '/')
def test_set_cert_default_cert_required(self):
conn = VerifiedHTTPSConnection(self.host, self.port)
conn.set_cert()
self.assertEqual(conn.cert_reqs, ssl.CERT_REQUIRED)
class TestHTTPS_TLSv1(HTTPSDummyServerTestCase):
certs = DEFAULT_CERTS.copy()
certs['ssl_version'] = ssl.PROTOCOL_TLSv1
def setUp(self):
self._pool = HTTPSConnectionPool(self.host, self.port)
self.addCleanup(self._pool.close)
@onlyPy27OrNewerOrNonWindows
def test_discards_connection_on_sslerror(self):
# This test is skipped on Windows for Python 2.6 because we suspect there
# is an issue with the OpenSSL for Python 2.6 on Windows.
self._pool.cert_reqs = 'CERT_REQUIRED'
self.assertRaises(SSLError, self._pool.request, 'GET', '/')
self._pool.ca_certs = DEFAULT_CA
self._pool.request('GET', '/')
def test_set_cert_default_cert_required(self):
conn = VerifiedHTTPSConnection(self.host, self.port)
conn.set_cert(ca_certs=DEFAULT_CA)
self.assertEqual(conn.cert_reqs, 'CERT_REQUIRED')
)
from urllib3.packages import six
from urllib3.util.timeout import Timeout
import urllib3.util as util
# Retry failed tests
pytestmark = pytest.mark.flaky
ResourceWarning = getattr(six.moves.builtins, "ResourceWarning",
type("ResourceWarning", (), {}))
log = logging.getLogger("urllib3.connectionpool")
log.setLevel(logging.NOTSET)
log.addHandler(logging.StreamHandler(sys.stdout))
TLSv1_CERTS = DEFAULT_CERTS.copy()
TLSv1_CERTS["ssl_version"] = getattr(ssl, "PROTOCOL_TLSv1", None)
TLSv1_1_CERTS = DEFAULT_CERTS.copy()
TLSv1_1_CERTS["ssl_version"] = getattr(ssl, "PROTOCOL_TLSv1_1", None)
TLSv1_2_CERTS = DEFAULT_CERTS.copy()
TLSv1_2_CERTS["ssl_version"] = getattr(ssl, "PROTOCOL_TLSv1_2", None)
TLSv1_3_CERTS = DEFAULT_CERTS.copy()
TLSv1_3_CERTS["ssl_version"] = getattr(ssl, "PROTOCOL_TLS", None)
CLIENT_INTERMEDIATE_PEM = "client_intermediate.pem"
CLIENT_NO_INTERMEDIATE_PEM = "client_no_intermediate.pem"
CLIENT_INTERMEDIATE_KEY = "client_intermediate.key"
PASSWORD_CLIENT_KEYFILE = "client_password.key"
from urllib3.packages import six
from urllib3.util.timeout import Timeout
import urllib3.util as util
ResourceWarning = getattr(
six.moves.builtins,
'ResourceWarning', type('ResourceWarning', (), {}))
log = logging.getLogger('urllib3.connectionpool')
log.setLevel(logging.NOTSET)
log.addHandler(logging.StreamHandler(sys.stdout))
TLSv1_CERTS = DEFAULT_CERTS.copy()
TLSv1_CERTS["ssl_version"] = getattr(ssl, "PROTOCOL_TLSv1", None)
TLSv1_1_CERTS = DEFAULT_CERTS.copy()
TLSv1_1_CERTS["ssl_version"] = getattr(ssl, "PROTOCOL_TLSv1_1", None)
TLSv1_2_CERTS = DEFAULT_CERTS.copy()
TLSv1_2_CERTS["ssl_version"] = getattr(ssl, "PROTOCOL_TLSv1_2", None)
class TestHTTPS(HTTPSDummyServerTestCase):
tls_protocol_name = None
def setUp(self):
self._pool = HTTPSConnectionPool(self.host, self.port, ca_certs=DEFAULT_CA)
self.addCleanup(self._pool.close)
