def test_validate_with_keys(self): v_h = VirtualHost() v_h.keys = [mock.MagicMock()] v_h.validate() v_h.keys[0].validate.assert_called_once_with()
def test___init__(self): v_h = VirtualHost() self.assertIsInstance(v_h, VirtualHost) self.assertEqual(v_h.keys, []) self.assertEqual(v_h.hostnames, set()) self.assertEqual(v_h.trust_anchors, []) self.assertEqual(v_h.app_protocols, [])
def test_validate_without_keys(self): v_h = VirtualHost() with self.assertRaises(ValueError): v_h.validate()
def test_matches_hostname_with_matching_name(self): v_h = VirtualHost() v_h.hostnames = set([b'example.com']) self.assertTrue(v_h.matches_hostname(b'example.com'))
def handleArgs(argv, argString, flagsList=[]): # Convert to getopt argstring format: # Add ":" after each arg, ie "abc" -> "a:b:c:" getOptArgString = ":".join(argString) + ":" try: opts, argv = getopt.getopt(argv, getOptArgString, flagsList) except getopt.GetoptError as e: printError(e) # Default values if arg not present privateKey = None cert_chain = None virtual_hosts = [] v_host_cert = None username = None password = None tacks = None verifierDB = None reqCert = False directory = None expLabel = None expLength = 20 alpn = [] dhparam = None psk = None psk_ident = None psk_hash = 'sha256' resumption = False ssl3 = False max_ver = None tickets = None ciphers = [] request_pha = False require_pha = False for opt, arg in opts: if opt == "-k": s = open(arg, "rb").read() if sys.version_info[0] >= 3: s = str(s, 'utf-8') # OpenSSL/m2crypto does not support RSASSA-PSS certificates if not privateKey: privateKey = parsePEMKey(s, private=True, implementations=["python"]) else: if not v_host_cert: raise ValueError("Virtual host certificate missing " "(must be listed before key)") p_key = parsePEMKey(s, private=True, implementations=["python"]) if not virtual_hosts: virtual_hosts.append(VirtualHost()) virtual_hosts[0].keys.append( Keypair(p_key, v_host_cert.x509List)) v_host_cert = None elif opt == "-c": s = open(arg, "rb").read() if sys.version_info[0] >= 3: s = str(s, 'utf-8') if not cert_chain: cert_chain = X509CertChain() cert_chain.parsePemList(s) else: v_host_cert = X509CertChain() v_host_cert.parsePemList(s) elif opt == "-u": username = arg elif opt == "-p": password = arg elif opt == "-t": if tackpyLoaded: s = open(arg, "rU").read() tacks = Tack.createFromPemList(s) elif opt == "-v": verifierDB = VerifierDB(arg) verifierDB.open() elif opt == "-d": directory = arg elif opt == "--reqcert": reqCert = True elif opt == "-l": expLabel = arg elif opt == "-L": expLength = int(arg) elif opt == "-a": alpn.append(bytearray(arg, 'utf-8')) elif opt == "--param": s = open(arg, "rb").read() if sys.version_info[0] >= 3: s = str(s, 'utf-8') dhparam = parseDH(s) elif opt == "--psk": psk = a2b_hex(arg) elif opt == "--psk-ident": psk_ident = bytearray(arg, 'utf-8') elif opt == "--psk-sha384": psk_hash = 'sha384' elif opt == "--resumption": resumption = True elif opt == "--ssl3": ssl3 = True elif opt == "--max-ver": max_ver = ver_to_tuple(arg) elif opt == "--tickets": tickets = int(arg) elif opt == "--cipherlist": ciphers.append(arg) elif opt == "--request-pha": request_pha = True elif opt == "--require-pha": require_pha = True else: assert (False) # when no names provided, don't return array if not alpn: alpn = None if (psk and not psk_ident) or (not psk and psk_ident): printError("PSK and IDENTITY must be set together") if not argv: printError("Missing address") if len(argv) > 1: printError("Too many arguments") #Split address into hostname/port tuple address = argv[0] address = address.split(":") if len(address) != 2: raise SyntaxError("Must specify <host>:<port>") address = (address[0], int(address[1])) # Populate the return list retList = [address] if "k" in argString: retList.append(privateKey) if "c" in argString: retList.append(cert_chain) retList.append(virtual_hosts) if "u" in argString: retList.append(username) if "p" in argString: retList.append(password) if "t" in argString: retList.append(tacks) if "v" in argString: retList.append(verifierDB) if "d" in argString: retList.append(directory) if "reqcert" in flagsList: retList.append(reqCert) if "l" in argString: retList.append(expLabel) if "L" in argString: retList.append(expLength) if "a" in argString: retList.append(alpn) if "param=" in flagsList: retList.append(dhparam) if "psk=" in flagsList: retList.append(psk) if "psk-ident=" in flagsList: retList.append(psk_ident) if "psk-sha384" in flagsList: retList.append(psk_hash) if "resumption" in flagsList: retList.append(resumption) if "ssl3" in flagsList: retList.append(ssl3) if "max-ver=" in flagsList: retList.append(max_ver) if "tickets=" in flagsList: retList.append(tickets) if "cipherlist=" in flagsList: retList.append(ciphers) if "request-pha" in flagsList: retList.append(request_pha) if "require-pha" in flagsList: retList.append(require_pha) return retList