def ocsp_reset(tmpdir):
# Reset OCSP cache location before each test
if "SF_OCSP_RESPONSE_CACHE_DIR" in os.environ:
del os.environ["SF_OCSP_RESPONSE_CACHE_DIR"]
os.environ["SF_OCSP_RESPONSE_CACHE_DIR"] = str(
tmpdir.join(random_string(5)))
OCSPCache.reset_cache_dir()
def _store_cache_in_file(tmpdir, target_hosts=None):
if target_hosts is None:
target_hosts = TARGET_HOSTS
os.environ['SF_OCSP_RESPONSE_CACHE_DIR'] = str(tmpdir)
OCSPCache.reset_cache_dir()
filename = path.join(str(tmpdir), 'ocsp_response_cache.json')
# cache OCSP response
SnowflakeOCSP.clear_cache()
ocsp = SFOCSP(ocsp_response_cache_uri='file://' + filename,
use_ocsp_cache_server=False)
for hostname in target_hosts:
connection = _openssl_connect(hostname)
assert ocsp.validate(hostname, connection), \
'Failed to validate: {}'.format(hostname)
assert path.exists(filename), "OCSP response cache file"
return filename, target_hosts
def test_ocsp_wo_cache_file():
"""
OCSP tests without File cache.
NOTE: Use /etc as a readonly directory such that no cache file is used.
"""
# reset the memory cache
SnowflakeOCSP.clear_cache()
OCSPCache.del_cache_file()
environ['SF_OCSP_RESPONSE_CACHE_DIR'] = '/etc'
OCSPCache.reset_cache_dir()
try:
ocsp = SFOCSP()
for url in TARGET_HOSTS:
connection = _openssl_connect(url)
assert ocsp.validate(url, connection), \
'Failed to validate: {0}'.format(url)
finally:
del environ['SF_OCSP_RESPONSE_CACHE_DIR']
OCSPCache.reset_cache_dir()
def cleanup():
# Reset OCSP cache location before each test
if 'SF_OCSP_RESPONSE_CACHE_DIR' in os.environ:
del os.environ['SF_OCSP_RESPONSE_CACHE_DIR']
OCSPCache.reset_cache_dir()
