def test_missing_cafile(self): """ Test a handshake that fails because the CA file doesn't exist. """ self.start_server() sock = self.connect_client() op = SSLHandshakeOperation(self.test_op, sock, 'localhost', tempfile.mktemp()) op.callback = op_callback() op.start() op.callback.assert_called_once_with(op) self.assertIsNone(op.socket) self.assertTrue(self.test_op.updated_with('No such file')) self.assertTrue(self.test_op.is_done())
def test_timeout(self): """ Test a handshake that fails because it times out. """ self.start_server() sock = self.connect_client() with drop_connection(port=self.sock.getsockname()[1]): op = SSLHandshakeOperation(self.test_op, sock, 'localhost', self.certfile, 0.01) op.callback = op_callback() op.start() time.sleep(0.01) self.test_op.run_selector() op.callback.assert_called_once_with(op) self.assertIsNone(op.socket) self.assertTrue(self.test_op.updated_with('Timed out')) self.assertTrue(self.test_op.is_done())
def test_success(self): """ Test a successful handshake. """ self.start_server() sock = self.connect_client() op = SSLHandshakeOperation(self.test_op, sock, 'localhost', self.certfile) op.callback = op_callback() op.start() accept = self.accept() while not op.callback.called: self.test_op.run_selector() accept.thread.join() try: op.callback.assert_called_once_with(op) self.assertIsNotNone(op.socket) op.socket.close() self.assertTrue(self.test_op.is_done()) finally: accept.sock.close()
def test_invalid_handshake(self): """ Test a handshake that fails because the server does something invalid (e.g., the server is not actually using SSL). """ self.start_server(wrap_ssl=False) sock = self.connect_client() op = SSLHandshakeOperation(self.test_op, sock, 'localhost', self.certfile) op.callback = op_callback() op.start() accept = self.accept(send=b'* OK Hello\r\n') while not op.callback.called: self.test_op.run_selector() accept.thread.join() try: op.callback.assert_called_once_with(op) self.assertIsNone(op.socket) self.assertTrue(self.test_op.is_done()) finally: if accept.sock: accept.sock.close()
def test_certificate_verify(self): """ Test a handshake that fails because the certificate is not trusted. """ self.start_server() sock = self.connect_client() # Notice that we're using ca2.pem as the CA file here. op = SSLHandshakeOperation(self.test_op, sock, 'localhost', self.certfile2) op.callback = op_callback() op.start() accept = self.accept() while not op.callback.called: self.test_op.run_selector() accept.thread.join() try: op.callback.assert_called_once_with(op) self.assertIsNone(op.socket) self.assertTrue(self.test_op.updated_with('CERTIFICATE_VERIFY_FAILED')) self.assertTrue(self.test_op.is_done()) finally: if accept.sock: accept.sock.close()
def test_hostname_verify(self): """ Test a handshake that fails because the server hostname does not match. """ self.start_server() sock = self.connect_client() # We're passing 'localghost' instead of 'localhost' as the server # hostname. op = SSLHandshakeOperation(self.test_op, sock, 'localghost', self.certfile) op.callback = op_callback() op.start() accept = self.accept() while not op.callback.called: self.test_op.run_selector() accept.thread.join() try: op.callback.assert_called_once_with(op) self.assertIsNone(op.socket) self.assertTrue(self.test_op.updated_with('hostname')) self.assertTrue(self.test_op.is_done()) finally: if accept.sock: accept.sock.close()