def setUp(self): """ Set up client and server SSL contexts for use later. """ self.sKey, self.sCert = makeCertificate(O="Server Test Certificate", CN="server") self.cKey, self.cCert = makeCertificate(O="Client Test Certificate", CN="client") self.serverSSLContext = CertificateOptions(privateKey=self.sKey, certificate=self.sCert, requireCertificate=False) self.clientSSLContext = CertificateOptions(requireCertificate=False)
def setUp(self): super(CertsFilesTestCase, self).setUp() # set up temp dir with no certs self.no_certs_dir = tempfile.mkdtemp() # create certs cert1 = makeCertificate(O="Server Certificate 1", CN="cn1") cert2 = makeCertificate(O="Server Certificate 2", CN="cn2") cert3 = makeCertificate(O="Server Certificate 3", CN="cn3") # set up temp dir with one cert self.one_cert_dir = tempfile.mkdtemp() self.cert1 = self._write_pem(cert1, self.one_cert_dir, "cert1.pem") # set up temp dir with two certs self.two_certs_dir = tempfile.mkdtemp() self.cert2 = self._write_pem(cert2, self.two_certs_dir, "cert2.pem") self.cert3 = self._write_pem(cert3, self.two_certs_dir, "cert3.pem")
def setUp(self): """ Set up client and server SSL contexts for use later. """ self.sKey, self.sCert = makeCertificate( O="Server Test Certificate", CN="server") self.cKey, self.cCert = makeCertificate( O="Client Test Certificate", CN="client") self.serverSSLContext = CertificateOptions( privateKey=self.sKey, certificate=self.sCert, requireCertificate=False) self.clientSSLContext = CertificateOptions( requireCertificate=False)
def test_ssl_hostname_verification(self): """ If the endpoint passed to L{BaseQuery} has C{ssl_hostname_verification} sets to C{True}, a L{VerifyingContextFactory} is passed to C{connectSSL}. """ agent_creations = [] @implementer(IAgent) class FakeAgent(object): def __init__(self, reactor, contextFactory, connectTimeout=None, bindAddress=None, pool=None): agent_creations.append((reactor, contextFactory, connectTimeout, bindAddress, pool)) def request(self, method, uri, headers=None, bodyProducer=None): return Deferred() verifyClass(IAgent, FakeAgent) certs = [makeCertificate(O="Test Certificate", CN="something")[1]] self.patch(base, "Agent", FakeAgent) self.patch(ssl, "_ca_certs", certs) endpoint = AWSServiceEndpoint(ssl_hostname_verification=True) query = BaseQuery("an action", "creds", endpoint, reactor="ignored") query.get_page("https://example.com/file") self.assertEqual(len(agent_creations), 1) [(_, contextFactory, _, _, _)] = agent_creations self.assertIsInstance(contextFactory, ssl.VerifyingContextFactory)
def test_ssl_hostname_verification(self): """ If the endpoint passed to L{BaseQuery} has C{ssl_hostname_verification} sets to C{True}, a L{VerifyingContextFactory} is passed to C{connectSSL}. """ class FakeReactor(object): def __init__(self): self.connects = [] def connectSSL(self, host, port, client, factory): self.connects.append((host, port, client, factory)) certs = makeCertificate(O="Test Certificate", CN="something")[1] self.patch(ssl, "_ca_certs", certs) fake_reactor = FakeReactor() endpoint = AWSServiceEndpoint(ssl_hostname_verification=True) query = BaseQuery("an action", "creds", endpoint, fake_reactor) query.get_page("https://example.com/file") [(host, port, client, factory)] = fake_reactor.connects self.assertEqual("example.com", host) self.assertEqual(443, port) self.assertTrue(isinstance(factory, ssl.VerifyingContextFactory)) self.assertEqual("example.com", factory.host) self.assertNotEqual([], factory.caCerts)