def test_ocsp_with_outdated_cache(tmpdir): """ Attempt to use outdated OCSP response cache file """ cache_file_name, target_hosts = _store_cache_in_file(tmpdir) ocsp = SFOCSP(ocsp_response_cache_uri='file://' + cache_file_name) # reading cache file OCSPCache.read_ocsp_response_cache_file(ocsp, cache_file_name) cache_data = OCSPCache.CACHE assert cache_data, "more than one cache entries should be stored." # setting outdated data current_time = int(time.time()) for k, v in cache_data.items(): cache_data[k] = (current_time - 48 * 60 * 60, v[1]) # write back the cache file OCSPCache.CACHE = cache_data OCSPCache.write_ocsp_response_cache_file(ocsp, cache_file_name) # forces to use the bogus cache file but it should raise errors SnowflakeOCSP.clear_cache() # reset the memory cache SFOCSP(ocsp_response_cache_uri='file://' + cache_file_name) assert SnowflakeOCSP.cache_size() == 0, \ 'must be empty. outdated cache should not be loaded'
def test_ocsp_with_bogus_cache_files(tmpdir): """ Attempt to use bogus OCSP response data """ cache_file_name, target_hosts = _store_cache_in_file(tmpdir) ocsp = SFOCSP(ocsp_response_cache_uri='file://' + cache_file_name) OCSPCache.read_ocsp_response_cache_file(ocsp, cache_file_name) cache_data = OCSPCache.CACHE assert cache_data, "more than one cache entries should be stored." # setting bogus data current_time = int(time.time()) for k, v in cache_data.items(): cache_data[k] = (current_time, b'bogus') # write back the cache file OCSPCache.CACHE = cache_data OCSPCache.write_ocsp_response_cache_file(ocsp, cache_file_name) # forces to use the bogus cache file but it should raise errors SnowflakeOCSP.clear_cache() ocsp = SFOCSP(ocsp_response_cache_uri='file://' + cache_file_name) for hostname in target_hosts: connection = _openssl_connect(hostname) assert ocsp.validate(hostname, connection), \ 'Failed to validate: {0}'.format(hostname)