def test_http_get_client_cert_required_no_client_cert(self):
    """Check that a GET fails the TLS handshake when the server demands a
    client certificate and the connection is configured without one.

    The server is started with ``cert_reqs=ssl.CERT_REQUIRED``. The outgoing
    connection sets only ``tls_verify`` (presumably the CA bundle used to
    verify the server); no client key or certificate is configured.
    """
    # NOTE(review): delete=False keeps the file on disk after it is closed, and
    # nothing visible in this listing removes it once the test is done.
    with NamedTemporaryFile(prefix='zato-tls', delete=False) as ca_cert_tf:

        # flush() so the PEM data is on disk before the file is used by name
        # through config['tls_verify'] below.
        ca_cert_tf.write(ca_cert)
        ca_cert_tf.flush()

        # The server side insists on a client certificate.
        server = TLSServer(cert_reqs=ssl.CERT_REQUIRED)
        server.start()

        # NOTE(review): fixed delay, presumably to let the server start
        # listening before get_port() is called - timing-dependent.
        sleep(0.3)
        port = server.get_port()

        config = self._get_config()
        config['address_host'] = 'https://localhost:{}/'.format(port)
        config['address_url_path'] = ''
        config['ping_method'] = 'GET'
        config['transport'] = URL_TYPE.PLAIN_HTTP
        config['tls_verify'] = ca_cert_tf.name

        wrapper = HTTPSOAPWrapper(config, requests)

        try:
            wrapper.get('123')
        # 'except X, e' and e.message are Python 2-only constructs.
        except Exception, e:
            # Digs the innermost error tuple out of the nested exception
            # arguments. NOTE(review): the nesting depth presumably depends on
            # the HTTP/TLS library versions in use, so this is brittle.
            details = e.message[0][1][0][0]
            # Expected triple looks like OpenSSL's (library, function, reason);
            # the server rejecting the handshake is the behaviour under test.
            # NOTE(review): these strings may differ between OpenSSL versions.
            self.assertEquals(details, ('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'))
        else:
            # NOTE(review): the body of this else-branch is cut off in this
            # listing; presumably it fails the test when no TLS error was raised.
def test_http_get_unknown_ca_verify_invalid_ca_cert(self):
    """Check that a GET is rejected with 'certificate verify failed' when the
    connection verifies the server against ``ca_cert_invalid``.

    The server is started with default arguments. Only the client-side
    ``tls_verify`` setting differs from a working configuration.
    """
    # NOTE(review): delete=False keeps the file on disk after it is closed, and
    # nothing visible in this listing removes it once the test is done.
    with NamedTemporaryFile(prefix='zato-tls', delete=False) as ca_cert_tf:

        # Write the CA material that must NOT validate the server, and flush it
        # so the file can be used by name through config['tls_verify'] below.
        ca_cert_tf.write(ca_cert_invalid)
        ca_cert_tf.flush()

        server = TLSServer()
        server.start()

        # NOTE(review): fixed delay, presumably to let the server start
        # listening before get_port() is called - timing-dependent.
        sleep(0.3)
        port = server.get_port()

        config = self._get_config()
        config['address_host'] = 'https://localhost:{}/'.format(port)
        config['address_url_path'] = ''
        config['ping_method'] = 'GET'
        config['transport'] = URL_TYPE.PLAIN_HTTP
        config['tls_verify'] = ca_cert_tf.name

        wrapper = HTTPSOAPWrapper(config, requests)

        try:
            wrapper.get('123')
        # 'except X, e' and e.message are Python 2-only constructs.
        except Exception, e:
            # Digs the innermost error tuple out of the nested exception
            # arguments. NOTE(review): the nesting depth presumably depends on
            # the HTTP/TLS library versions in use, so this is brittle.
            details = e.message[0][1][0][0]
            # Expected triple looks like OpenSSL's (library, function, reason);
            # a verification failure on the client is the behaviour under test.
            # NOTE(review): these strings may differ between OpenSSL versions.
            self.assertEquals(details, ('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed'))
        else:
            # NOTE(review): the body of this else-branch is cut off in this
            # listing; presumably it fails the test when verification passed.
def test_http_get_unknown_ca_verify_invalid_ca_cert(self):
    """Check that verifying the server against ``ca_cert_invalid`` makes the
    GET fail with OpenSSL's 'certificate verify failed' error.

    The server runs with default arguments; the connection points
    ``tls_verify`` at a temporary file holding ``ca_cert_invalid``.
    """
    # NOTE(review): with delete=False the temporary file outlives the test
    # unless something removes it; no removal is visible in this listing.
    with NamedTemporaryFile(prefix='zato-tls', delete=False) as ca_cert_tf:

        # The data is flushed so the file can be used by name while still open.
        ca_cert_tf.write(ca_cert_invalid)
        ca_cert_tf.flush()

        server = TLSServer()
        server.start()

        # NOTE(review): fixed delay, presumably waiting for the server to be
        # ready before its port is queried - timing-dependent.
        sleep(0.3)
        port = server.get_port()

        config = self._get_config()
        config['address_host'] = 'https://localhost:{}/'.format(port)
        config['address_url_path'] = ''
        config['ping_method'] = 'GET'
        config['transport'] = URL_TYPE.PLAIN_HTTP
        # Path of the file written above.
        config['tls_verify'] = ca_cert_tf.name

        wrapper = HTTPSOAPWrapper(config, requests)

        try:
            wrapper.get('123')
        # 'except X, e' and e.message are Python 2-only constructs.
        except Exception, e:
            # Innermost element of the nested exception arguments.
            # NOTE(review): the index chain presumably mirrors how the HTTP/TLS
            # libraries wrap the error, so it can break on a library upgrade.
            details = e.message[0][1][0][0]
            # NOTE(review): the expected strings may vary by OpenSSL version.
            self.assertEquals(
                details, ('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed'))
        else:
            # NOTE(review): the body of this else-branch is cut off in this
            # listing; presumably it fails the test when verification passed.
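def test_http_get_client_cert_required_has_client_cert(self):
    """Check that a GET completes without raising when the server requires a
    client certificate and the connection is configured with one.

    The server is started with ``cert_reqs=ssl.CERT_REQUIRED``. The connection
    uses ``sec_type=SEC_DEF_TYPE.TLS_KEY_CERT`` and points
    ``tls_key_cert_full_path`` at a single file holding the client key
    followed by the client certificate.

    Both temporary files are created with ``delete=False``, so they are removed
    explicitly at the end. Otherwise every run would leave the CA certificate
    and, more importantly, the client's private key behind in the temp directory.
    """
    # Local import: needed only for the cleanup in the finally block below.
    import os

    # Paths of the temporary files created so far, deleted in the finally block.
    tmp_paths = []

    try:
        with NamedTemporaryFile(prefix='zato-tls', delete=False) as ca_cert_tf:
            tmp_paths.append(ca_cert_tf.name)

            # flush() so the PEM data is on disk before the file is used by name.
            ca_cert_tf.write(ca_cert)
            ca_cert_tf.flush()

            with NamedTemporaryFile(prefix='zato-tls', delete=False) as client_cert_tf:
                tmp_paths.append(client_cert_tf.name)

                # One file with the private key first and the certificate
                # second, separated by a newline.
                client_cert_tf.write(client1_key)
                client_cert_tf.write('\n')
                client_cert_tf.write(client1_cert)
                client_cert_tf.flush()

                # The server side insists on a client certificate.
                # NOTE(review): the server is never shut down here; how to stop
                # a TLSServer is not visible in this listing.
                server = TLSServer(cert_reqs=ssl.CERT_REQUIRED)
                server.start()

                # NOTE(review): fixed delay, presumably to let the server start
                # listening before get_port() is called - timing-dependent.
                sleep(0.3)
                port = server.get_port()

                config = self._get_config()
                config['address_host'] = 'https://localhost:{}/'.format(port)
                config['address_url_path'] = ''
                config['ping_method'] = 'GET'
                config['transport'] = URL_TYPE.PLAIN_HTTP
                config['tls_verify'] = ca_cert_tf.name
                config['tls_key_cert_full_path'] = client_cert_tf.name
                config['sec_type'] = SEC_DEF_TYPE.TLS_KEY_CERT

                wrapper = HTTPSOAPWrapper(config, requests)

                # The test passes as long as this call does not raise.
                # NOTE(review): the response is not inspected; asserting on its
                # status code would make the success condition explicit.
                wrapper.get('123')
    finally:
        # Both files are closed by now, so they can be removed safely.
        for path in tmp_paths:
            if os.path.exists(path):
                os.remove(path)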
def test_http_get_unknown_ca_verify_false(self):
    """Check that a GET returns ``httplib.OK`` when ``tls_verify`` is set to
    ``ZATO_NONE``.

    Going by the test name, ``ZATO_NONE`` presumably switches server
    certificate verification off. No CA file is configured here, so the test
    pins down the behaviour of the unverified mode. It says nothing about the
    server's certificate being trustworthy.
    """
    tls_server = TLSServer()
    tls_server.start()

    # NOTE(review): fixed delay, presumably to let the server start listening
    # before its port is queried - timing-dependent.
    sleep(0.3)
    address = 'https://localhost:{}/'.format(tls_server.get_port())

    conn_config = self._get_config()
    conn_config['address_host'] = address
    conn_config['address_url_path'] = ''
    conn_config['ping_method'] = 'GET'
    conn_config['transport'] = URL_TYPE.PLAIN_HTTP
    conn_config['tls_verify'] = ZATO_NONE

    response = HTTPSOAPWrapper(conn_config, requests).get('123')
    self.assertEquals(httplib.OK, response.status_code)