def test_http_get_client_cert_required_no_client_cert(self):
with NamedTemporaryFile(prefix='zato-tls', delete=False) as ca_cert_tf:
ca_cert_tf.write(ca_cert)
ca_cert_tf.flush()
server = TLSServer(cert_reqs=ssl.CERT_REQUIRED)
server.start()
sleep(0.3)
port = server.get_port()
config = self._get_config()
config['address_host'] = 'https://localhost:{}/'.format(port)
config['address_url_path'] = ''
config['ping_method'] = 'GET'
config['transport'] = URL_TYPE.PLAIN_HTTP
config['tls_verify'] = ca_cert_tf.name
wrapper = HTTPSOAPWrapper(config, requests)
try:
wrapper.get('123')
except Exception, e:
details = e.message[0][1][0][0]
self.assertEquals(details, ('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure'))
else:
def test_http_get_client_cert_required_no_client_cert(self):
with NamedTemporaryFile(prefix='zato-tls', delete=False) as ca_cert_tf:
ca_cert_tf.write(ca_cert)
ca_cert_tf.flush()
server = TLSServer(cert_reqs=ssl.CERT_REQUIRED)
server.start()
sleep(0.3)
port = server.get_port()
config = self._get_config()
config['address_host'] = 'https://localhost:{}/'.format(port)
config['address_url_path'] = ''
config['ping_method'] = 'GET'
config['transport'] = URL_TYPE.PLAIN_HTTP
config['tls_verify'] = ca_cert_tf.name
wrapper = HTTPSOAPWrapper(config, requests)
try:
wrapper.get('123')
except Exception, e:
details = e.message[0][1][0][0]
self.assertEquals(details, ('SSL routines', 'SSL3_READ_BYTES',
'sslv3 alert handshake failure'))
else:
def test_http_get_unknown_ca_verify_invalid_ca_cert(self):
with NamedTemporaryFile(prefix='zato-tls', delete=False) as ca_cert_tf:
ca_cert_tf.write(ca_cert_invalid)
ca_cert_tf.flush()
server = TLSServer()
server.start()
sleep(0.3)
port = server.get_port()
config = self._get_config()
config['address_host'] = 'https://localhost:{}/'.format(port)
config['address_url_path'] = ''
config['ping_method'] = 'GET'
config['transport'] = URL_TYPE.PLAIN_HTTP
config['tls_verify'] = ca_cert_tf.name
wrapper = HTTPSOAPWrapper(config, requests)
try:
wrapper.get('123')
except Exception, e:
details = e.message[0][1][0][0]
self.assertEquals(details, ('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed'))
else:
def test_http_get_unknown_ca_verify_invalid_ca_cert(self):
with NamedTemporaryFile(prefix='zato-tls', delete=False) as ca_cert_tf:
ca_cert_tf.write(ca_cert_invalid)
ca_cert_tf.flush()
server = TLSServer()
server.start()
sleep(0.3)
port = server.get_port()
config = self._get_config()
config['address_host'] = 'https://localhost:{}/'.format(port)
config['address_url_path'] = ''
config['ping_method'] = 'GET'
config['transport'] = URL_TYPE.PLAIN_HTTP
config['tls_verify'] = ca_cert_tf.name
wrapper = HTTPSOAPWrapper(config, requests)
try:
wrapper.get('123')
except Exception, e:
details = e.message[0][1][0][0]
self.assertEquals(
details, ('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE',
'certificate verify failed'))
else:
def test_http_get_client_cert_required_has_client_cert(self):
with NamedTemporaryFile(prefix='zato-tls', delete=False) as ca_cert_tf:
ca_cert_tf.write(ca_cert)
ca_cert_tf.flush()
with NamedTemporaryFile(prefix='zato-tls', delete=False) as client_cert_tf:
client_cert_tf.write(client1_key)
client_cert_tf.write('\n')
client_cert_tf.write(client1_cert)
client_cert_tf.flush()
server = TLSServer(cert_reqs=ssl.CERT_REQUIRED)
server.start()
sleep(0.3)
port = server.get_port()
config = self._get_config()
config['address_host'] = 'https://localhost:{}/'.format(port)
config['address_url_path'] = ''
config['ping_method'] = 'GET'
config['transport'] = URL_TYPE.PLAIN_HTTP
config['tls_verify'] = ca_cert_tf.name
config['tls_key_cert_full_path'] = client_cert_tf.name
config['sec_type'] = SEC_DEF_TYPE.TLS_KEY_CERT
wrapper = HTTPSOAPWrapper(config, requests)
wrapper.get('123')
def test_http_get_client_cert_required_has_client_cert(self):
with NamedTemporaryFile(prefix='zato-tls', delete=False) as ca_cert_tf:
ca_cert_tf.write(ca_cert)
ca_cert_tf.flush()
with NamedTemporaryFile(prefix='zato-tls',
delete=False) as client_cert_tf:
client_cert_tf.write(client1_key)
client_cert_tf.write('\n')
client_cert_tf.write(client1_cert)
client_cert_tf.flush()
server = TLSServer(cert_reqs=ssl.CERT_REQUIRED)
server.start()
sleep(0.3)
port = server.get_port()
config = self._get_config()
config['address_host'] = 'https://localhost:{}/'.format(port)
config['address_url_path'] = ''
config['ping_method'] = 'GET'
config['transport'] = URL_TYPE.PLAIN_HTTP
config['tls_verify'] = ca_cert_tf.name
config['tls_key_cert_full_path'] = client_cert_tf.name
config['sec_type'] = SEC_DEF_TYPE.TLS_KEY_CERT
wrapper = HTTPSOAPWrapper(config, requests)
wrapper.get('123')
def test_http_get_unknown_ca_verify_false(self):
server = TLSServer()
server.start()
sleep(0.3)
port = server.get_port()
config = self._get_config()
config['address_host'] = 'https://localhost:{}/'.format(port)
config['address_url_path'] = ''
config['ping_method'] = 'GET'
config['transport'] = URL_TYPE.PLAIN_HTTP
config['tls_verify'] = ZATO_NONE
wrapper = HTTPSOAPWrapper(config, requests)
self.assertEquals(httplib.OK, wrapper.get('123').status_code)
def test_http_get_unknown_ca_verify_false(self):
server = TLSServer()
server.start()
sleep(0.3)
port = server.get_port()
config = self._get_config()
config['address_host'] = 'https://localhost:{}/'.format(port)
config['address_url_path'] = ''
config['ping_method'] = 'GET'
config['transport'] = URL_TYPE.PLAIN_HTTP
config['tls_verify'] = ZATO_NONE
wrapper = HTTPSOAPWrapper(config, requests)
self.assertEquals(httplib.OK, wrapper.get('123').status_code)