def testEnumSetters(self): config = TSSLConfig() bogus_values = ['', 'bogus', 5, 0] for v in bogus_values: with self.assertRaises(ValueError): config.verify = v for v in bogus_values: with self.assertRaises(ValueError): config.ssl_policy = v
def testValidateSSL(self): valid, msg = self.server.validateSSLConfig({}) self.assertFalse(valid) self.assertIsNotNone(msg) cfg = TSSLConfig() valid, msg = self.server.validateSSLConfig(cfg) self.assertTrue(valid) self.assertIsNone(msg) cfg.key_path = 'thrift/test/py/test_cert.pem' valid, msg = self.server.validateSSLConfig(cfg) self.assertFalse(valid) self.assertIsNotNone(msg) cfg.key_path = '' cfg.cert_path = 'thrift/test/py/test_cert.pem' valid, msg = self.server.validateSSLConfig(cfg) self.assertFalse(valid) self.assertIsNotNone(msg) cfg.key_path = cfg.cert_path valid, msg = self.server.validateSSLConfig(cfg) self.assertTrue(valid) self.assertIsNone(msg) cfg.client_ca_path = 'thrift/test/should/not/exist.pem' valid, msg = self.server.validateSSLConfig(cfg) self.assertFalse(valid) self.assertIsNotNone(msg)
def testDefaults(self): config = TSSLConfig() self.assertEquals(config.cert_path, '') self.assertEquals(config.key_path, '') self.assertEquals(config.key_pw_path, '') self.assertEquals(config.client_ca_path, '') self.assertEquals(config.ecc_curve_name, '') self.assertEquals(config.verify, SSLVerifyPeerEnum.VERIFY) self.assertEquals(config.ssl_policy, SSLPolicy.PERMITTED)
def configureSSL(self): config = TSSLConfig() self.setupTickets() self.assertEquals(config.key_path, "") config.ssl_policy = SSLPolicy.REQUIRED config.cert_path = 'thrift/test/py/test_cert.pem' config.client_verify = SSLVerifyPeerEnum.VERIFY config.key_path = None config.ticket_file_path = self.ticket_file.name # expect an error with a cert_path but no key_path with self.assertRaises(ValueError): self.server.setSSLConfig(config) config.key_path = 'thrift/test/py/test_cert.pem' self.server.setSSLConfig(config)