def testSessionResumption(self):
# Set up a secure server
handler = grpc.method_handlers_generic_handler('test', {
'UnaryUnary':
grpc.unary_unary_rpc_method_handler(handle_unary_unary)
})
server = test_common.test_server()
server.add_generic_rpc_handlers((handler,))
server_cred = grpc.ssl_server_credentials(_SERVER_CERTS)
port = server.add_secure_port('[::]:0', server_cred)
server.start()
# Create a cache for TLS session tickets
cache = session_cache.ssl_session_cache_lru(1)
channel_creds = grpc.ssl_channel_credentials(
root_certificates=_TEST_ROOT_CERTIFICATES)
channel_options = _PROPERTY_OPTIONS + (
('grpc.ssl_session_cache', cache),)
# Initial connection has no session to resume
self._do_one_shot_client_rpc(channel_creds,
channel_options,
port,
expect_ssl_session_reused=[b'false'])
# Subsequent connections resume sessions
self._do_one_shot_client_rpc(channel_creds,
channel_options,
port,
expect_ssl_session_reused=[b'true'])
server.stop(None)
def testSessionResumption(self):
# Set up a secure server
handler = grpc.method_handlers_generic_handler('test', {
'UnaryUnary':
grpc.unary_unary_rpc_method_handler(handle_unary_unary)
})
server = test_common.test_server()
server.add_generic_rpc_handlers((handler,))
server_cred = grpc.ssl_server_credentials(_SERVER_CERTS)
port = server.add_secure_port('[::]:0', server_cred)
server.start()
# Create a cache for TLS session tickets
cache = session_cache.ssl_session_cache_lru(1)
channel_creds = grpc.ssl_channel_credentials(
root_certificates=_TEST_ROOT_CERTIFICATES)
channel_options = _PROPERTY_OPTIONS + (
('grpc.ssl_session_cache', cache),)
# Initial connection has no session to resume
self._do_one_shot_client_rpc(
channel_creds,
channel_options,
port,
expect_ssl_session_reused=[b'false'])
# Subsequent connections resume sessions
self._do_one_shot_client_rpc(
channel_creds,
channel_options,
port,
expect_ssl_session_reused=[b'true'])
server.stop(None)
def testSSLSessionCacheLRU(self):
server_1, port_1 = start_secure_server()
cache = session_cache.ssl_session_cache_lru(1)
channel_creds = grpc.ssl_channel_credentials(
root_certificates=_TEST_ROOT_CERTIFICATES)
channel_options = _PROPERTY_OPTIONS + (
('grpc.ssl_session_cache', cache), )
# Initial connection has no session to resume
self._do_one_shot_client_rpc(channel_creds,
channel_options,
port_1,
expect_ssl_session_reused=[b'false'])
# Connection to server_1 resumes from initial session
self._do_one_shot_client_rpc(channel_creds,
channel_options,
port_1,
expect_ssl_session_reused=[b'true'])
# Connection to a different server with the same name overwrites the cache entry
server_2, port_2 = start_secure_server()
self._do_one_shot_client_rpc(channel_creds,
channel_options,
port_2,
expect_ssl_session_reused=[b'false'])
self._do_one_shot_client_rpc(channel_creds,
channel_options,
port_2,
expect_ssl_session_reused=[b'true'])
server_2.stop(None)
# Connection to server_1 now falls back to full TLS handshake
self._do_one_shot_client_rpc(channel_creds,
channel_options,
port_1,
expect_ssl_session_reused=[b'false'])
# Re-creating server_1 causes old sessions to become invalid
server_1.stop(None)
server_1, port_1 = start_secure_server()
# Old sessions should no longer be valid
self._do_one_shot_client_rpc(channel_creds,
channel_options,
port_1,
expect_ssl_session_reused=[b'false'])
# Resumption should work for subsequent connections
self._do_one_shot_client_rpc(channel_creds,
channel_options,
port_1,
expect_ssl_session_reused=[b'true'])
server_1.stop(None)
def testSSLSessionCacheLRU(self):
server_1, port_1 = start_secure_server()
cache = session_cache.ssl_session_cache_lru(1)
channel_creds = grpc.ssl_channel_credentials(
root_certificates=_TEST_ROOT_CERTIFICATES)
channel_options = _PROPERTY_OPTIONS + (
('grpc.ssl_session_cache', cache),)
# Initial connection has no session to resume
self._do_one_shot_client_rpc(
channel_creds,
channel_options,
port_1,
expect_ssl_session_reused=[b'false'])
# Connection to server_1 resumes from initial session
self._do_one_shot_client_rpc(
channel_creds,
channel_options,
port_1,
expect_ssl_session_reused=[b'true'])
# Connection to a different server with the same name overwrites the cache entry
server_2, port_2 = start_secure_server()
self._do_one_shot_client_rpc(
channel_creds,
channel_options,
port_2,
expect_ssl_session_reused=[b'false'])
self._do_one_shot_client_rpc(
channel_creds,
channel_options,
port_2,
expect_ssl_session_reused=[b'true'])
server_2.stop(None)
# Connection to server_1 now falls back to full TLS handshake
self._do_one_shot_client_rpc(
channel_creds,
channel_options,
port_1,
expect_ssl_session_reused=[b'false'])
# Re-creating server_1 causes old sessions to become invalid
server_1.stop(None)
server_1, port_1 = start_secure_server()
# Old sessions should no longer be valid
self._do_one_shot_client_rpc(
channel_creds,
channel_options,
port_1,
expect_ssl_session_reused=[b'false'])
# Resumption should work for subsequent connections
self._do_one_shot_client_rpc(
channel_creds,
channel_options,
port_1,
expect_ssl_session_reused=[b'true'])
server_1.stop(None)
