def testSessionResumption(self): # Set up a secure server handler = grpc.method_handlers_generic_handler('test', { 'UnaryUnary': grpc.unary_unary_rpc_method_handler(handle_unary_unary) }) server = test_common.test_server() server.add_generic_rpc_handlers((handler,)) server_cred = grpc.ssl_server_credentials(_SERVER_CERTS) port = server.add_secure_port('[::]:0', server_cred) server.start() # Create a cache for TLS session tickets cache = session_cache.ssl_session_cache_lru(1) channel_creds = grpc.ssl_channel_credentials( root_certificates=_TEST_ROOT_CERTIFICATES) channel_options = _PROPERTY_OPTIONS + ( ('grpc.ssl_session_cache', cache),) # Initial connection has no session to resume self._do_one_shot_client_rpc(channel_creds, channel_options, port, expect_ssl_session_reused=[b'false']) # Subsequent connections resume sessions self._do_one_shot_client_rpc(channel_creds, channel_options, port, expect_ssl_session_reused=[b'true']) server.stop(None)
def testSessionResumption(self): # Set up a secure server handler = grpc.method_handlers_generic_handler('test', { 'UnaryUnary': grpc.unary_unary_rpc_method_handler(handle_unary_unary) }) server = test_common.test_server() server.add_generic_rpc_handlers((handler,)) server_cred = grpc.ssl_server_credentials(_SERVER_CERTS) port = server.add_secure_port('[::]:0', server_cred) server.start() # Create a cache for TLS session tickets cache = session_cache.ssl_session_cache_lru(1) channel_creds = grpc.ssl_channel_credentials( root_certificates=_TEST_ROOT_CERTIFICATES) channel_options = _PROPERTY_OPTIONS + ( ('grpc.ssl_session_cache', cache),) # Initial connection has no session to resume self._do_one_shot_client_rpc( channel_creds, channel_options, port, expect_ssl_session_reused=[b'false']) # Subsequent connections resume sessions self._do_one_shot_client_rpc( channel_creds, channel_options, port, expect_ssl_session_reused=[b'true']) server.stop(None)
def testSSLSessionCacheLRU(self): server_1, port_1 = start_secure_server() cache = session_cache.ssl_session_cache_lru(1) channel_creds = grpc.ssl_channel_credentials( root_certificates=_TEST_ROOT_CERTIFICATES) channel_options = _PROPERTY_OPTIONS + ( ('grpc.ssl_session_cache', cache), ) # Initial connection has no session to resume self._do_one_shot_client_rpc(channel_creds, channel_options, port_1, expect_ssl_session_reused=[b'false']) # Connection to server_1 resumes from initial session self._do_one_shot_client_rpc(channel_creds, channel_options, port_1, expect_ssl_session_reused=[b'true']) # Connection to a different server with the same name overwrites the cache entry server_2, port_2 = start_secure_server() self._do_one_shot_client_rpc(channel_creds, channel_options, port_2, expect_ssl_session_reused=[b'false']) self._do_one_shot_client_rpc(channel_creds, channel_options, port_2, expect_ssl_session_reused=[b'true']) server_2.stop(None) # Connection to server_1 now falls back to full TLS handshake self._do_one_shot_client_rpc(channel_creds, channel_options, port_1, expect_ssl_session_reused=[b'false']) # Re-creating server_1 causes old sessions to become invalid server_1.stop(None) server_1, port_1 = start_secure_server() # Old sessions should no longer be valid self._do_one_shot_client_rpc(channel_creds, channel_options, port_1, expect_ssl_session_reused=[b'false']) # Resumption should work for subsequent connections self._do_one_shot_client_rpc(channel_creds, channel_options, port_1, expect_ssl_session_reused=[b'true']) server_1.stop(None)
def testSSLSessionCacheLRU(self): server_1, port_1 = start_secure_server() cache = session_cache.ssl_session_cache_lru(1) channel_creds = grpc.ssl_channel_credentials( root_certificates=_TEST_ROOT_CERTIFICATES) channel_options = _PROPERTY_OPTIONS + ( ('grpc.ssl_session_cache', cache),) # Initial connection has no session to resume self._do_one_shot_client_rpc( channel_creds, channel_options, port_1, expect_ssl_session_reused=[b'false']) # Connection to server_1 resumes from initial session self._do_one_shot_client_rpc( channel_creds, channel_options, port_1, expect_ssl_session_reused=[b'true']) # Connection to a different server with the same name overwrites the cache entry server_2, port_2 = start_secure_server() self._do_one_shot_client_rpc( channel_creds, channel_options, port_2, expect_ssl_session_reused=[b'false']) self._do_one_shot_client_rpc( channel_creds, channel_options, port_2, expect_ssl_session_reused=[b'true']) server_2.stop(None) # Connection to server_1 now falls back to full TLS handshake self._do_one_shot_client_rpc( channel_creds, channel_options, port_1, expect_ssl_session_reused=[b'false']) # Re-creating server_1 causes old sessions to become invalid server_1.stop(None) server_1, port_1 = start_secure_server() # Old sessions should no longer be valid self._do_one_shot_client_rpc( channel_creds, channel_options, port_1, expect_ssl_session_reused=[b'false']) # Resumption should work for subsequent connections self._do_one_shot_client_rpc( channel_creds, channel_options, port_1, expect_ssl_session_reused=[b'true']) server_1.stop(None)