Commit Graph

36 Commits

Author SHA1 Message Date
Bill Janssen 296a59d3be Add support for asyncore server-side SSL support. This requires
adding the 'makefile' method to ssl.SSLSocket, and importing the
requisite fakefile class from socket.py, and making the appropriate
changes to it to make it use the SSL connection.

Added sample HTTPS server to test_ssl.py, and test that uses it.

Change SSL tests to use https://svn.python.org/, instead of
www.sf.net and pop.gmail.com.

Added utility function to ssl module, get_server_certificate,
to wrap up the several things to be done to pull a certificate
from a remote server.
2007-09-16 22:06:00 +00:00
Bill Janssen 98d19dafd9 More work on SSL support.
* Much expanded test suite:

  All protocols tested against all other protocols.
  All protocols tested with all certificate options.
  Tests for bad key and bad cert.
  Test of STARTTLS functionality.
  Test of RAND_* functions.

* Fixes for threading/malloc bug.

* Issue 1065 fixed:

  sslsocket class renamed to SSLSocket.
  sslerror class renamed to SSLError.
  Function "wrap_socket" now used to wrap an existing socket.

* Issue 1583946 finally fixed:

  Support for subjectAltName added.
  Subject name now returned as proper DN list of RDNs.

* SSLError exported from socket as "sslerror".

* RAND_* functions properly exported from ssl.py.

* Documentation improved:

  Example of how to create a self-signed certificate.
  Better indexing.
2007-09-10 21:51:02 +00:00
Bill Janssen 426ea0a864 This contains a number of things:
1) Improve the documentation of the SSL module, with a fuller
   explanation of certificate usage, another reference, proper
   formatting of this and that.

2) Fix Windows bug in ssl.py, and general bug in sslsocket.close().
   Remove some unused code from ssl.py.  Allow accept() to be called on
   sslsocket sockets.

3) Use try-except-else in import of ssl in socket.py.  Deprecate use of
   socket.ssl().

4) Remove use of socket.ssl() in every library module, except for
   test_socket_ssl.py and test_ssl.py.
2007-08-29 22:35:05 +00:00
Martin v. Löwis f25e35b9ec Bug #978833: Close https sockets by releasing the _ssl object. 2007-07-27 18:28:22 +00:00
Neal Norwitz 0d4c06e06e Whitespace normalization. Ugh, we really need to do this more often.
You might want to review this change as it's my first time.  Be gentle. :-)
2007-04-25 06:30:05 +00:00
Facundo Batista 9f87128d8b Added tests for other methods of SSL object. Now we cover
all the object methods. This is the final step to close
the #451607 bug.
2007-04-22 01:18:56 +00:00
Collin Winter 8341aac123 Typo fix. 2007-04-10 04:44:49 +00:00
Facundo Batista 3bdc002e39 Minor fix to the tests pass ok even with -O. 2007-04-10 03:00:37 +00:00
Facundo Batista 06c6579036 Fixed the way that the .pem files are looked for, and changed
how to kill the process in win32 to use the _handle attribute.
2007-04-04 14:10:40 +00:00
Facundo Batista a0da5c7bce Changed the whole structure of startup and checking if the
server is available. Hope to not get more false alarms.
2007-04-03 21:15:34 +00:00
Facundo Batista c4a106733c Added a SSL server to test_socket_ssl.py to be able to test
locally. Now, it checks if have openssl available and run
those specific tests (it starts openssl at the beggining of
all the tests and then kills it at the end).
2007-04-03 17:29:48 +00:00
Facundo Batista c3a35e19cc Now using unittest for the tests infraestructure. Also split the
tests in those who need the network, and that who doesn't.
2007-04-03 14:05:08 +00:00
Brett Cannon 41d4e32353 Add test.test_support.transient_internet . Returns a context manager that
nests test.test_support.TransientResource context managers that capture
exceptions raised when the Internet connection is flaky.

Initially using in test_socket_ssl but should probably be expanded to cover any
test that should not raise the captured exceptions if the Internet connection
works.
2007-03-13 02:34:09 +00:00
Brett Cannon a30fcb4dae Introduce test.test_support.TransientResource. It's a context manager to
surround calls to resources that may or may not be available.  Specifying the
expected exception and attributes to be raised if the resource is not available
prevents overly broad catching of exceptions.

This is meant to help suppress spurious failures by raising
test.test_support.ResourceDenied if the exception matches.  It would probably
be good to go through the various network tests and surround the calls to catch
connection timeouts (as done with test_socket_ssl in this commit).
2007-03-08 23:58:11 +00:00
Neal Norwitz 877fdb01fe This should fix the buildbot failure on s/390 which can't connect to gmail.org.
It makes the error message consistent and always sends to stderr.

It would be much better for all the networking tests to hit only python.org.
2006-06-29 05:48:14 +00:00
Brett Cannon 70a77ac23f At the C level, tuple arguments are passed in directly to the exception
constructor, meaning it is treated as *args, not as a single argument.  This
means using the 'message' attribute won't work (until Py3K comes around),
and so one must grab from 'arg' to get the error number.
2006-06-21 16:57:57 +00:00
Brett Cannon 115ecb9211 Fix typo of exception name. 2006-06-20 19:20:17 +00:00
Brett Cannon bb93f4bb0d Raise TestSkipped when the test socket connection is refused. 2006-06-20 17:30:26 +00:00
Neal Norwitz 909eb12c95 Fix the socket tests so they can be run concurrently. Backport candidate 2006-06-12 02:13:21 +00:00
Tim Peters e0bb597d03 test_timeout(): This test was added during Bug Day, but disabled
soon after because the gmail address it connects to started timing
out on all the buildbot slaves.  Rewrote the test to produce a
warning message (instead of failing) when the address times out.

Also removed the special case for Windows -- this test started to
work on Windows as soon as bug 1462352 was fixed.
2006-04-08 12:05:15 +00:00
Tim Peters d8eaa49092 Fix stupid typo. 2006-04-01 01:32:13 +00:00
Tim Peters 4423b8cebc test_timeout(): Disable this new test on all platforms.
The

    s.connect(("gmail.org", 995))

line has been timing out on all buildbot slaves for hours
now, causing the test to fail.
2006-04-01 01:28:51 +00:00
Georg Brandl c90397a7c9 Make test_socket_ssl finally pass on WIn 2006-03-31 21:12:32 +00:00
Georg Brandl d49be30938 Disable test_socket_ssl timeout test on Windows. 2006-03-31 19:09:56 +00:00
Georg Brandl 43f08a85e4 Patch #1380952: fix SSL objects timing out on consecutive read()s 2006-03-31 18:01:16 +00:00
Neal Norwitz 08e301f8bd There was a race condition where the connector would try to connect
before the listener was ready (on gentoo x86 buildslave).  This
caused the listener to not exit normally since nobody connected to it
(waited in accept()).  The exception was raised in the other thread
and the test failed.

This fix doesn't completely eliminate the race, but should make it
near impossible to trigger.  Hopefully it's good enough.
2006-01-25 08:39:35 +00:00
Tim Peters 2a4712dc80 test_rude_shutdown(): Rewrote to use proper thread
synchronization and termination.
2006-01-24 22:44:54 +00:00
Tim Peters 37ca8c12dc connector(): You can't use an empty string as an argument to connect()
on Windows.
2003-07-01 14:49:32 +00:00
Neal Norwitz 1787a0b1cc Fix SF bug #763770, test_socket_ssl crash
Don't run any tests if there is no ssl support.
2003-07-01 13:44:28 +00:00
Neal Norwitz a9002f824b Fix SF #754870, SSL crash interpreter when remote side closes during connect
Also fix a memory leak.
2003-06-30 03:25:20 +00:00
Tim Peters b4ee4eb3b3 Rearrange test_socket_ssl so that a skip is expected iff the network
resource isn't enabled or the socket module doesn't support ssl.
2002-12-04 03:26:57 +00:00
Barry Warsaw 04f357cffe Get rid of relative imports in all unittests. Now anything that
imports e.g. test_support must do so using an absolute package name
such as "import test.test_support" or "from test import test_support".

This also updates the README in Lib/test, and gets rid of the
duplicate data dirctory in Lib/test/data (replaced by
Lib/email/test/data).

Now Tim and Jack can have at it. :)
2002-07-23 19:04:11 +00:00
Tim Peters e0c446bb4a Whitespace normalization. 2001-10-18 21:57:37 +00:00
Jeremy Hylton 9f6c37df26 Add trivial test cases for RAND_add() and RAND_status().
(The rest of the test cases are trivial, so I don't feel too bad.)
2001-10-18 00:30:14 +00:00
Guido van Rossum 7b219b4a92 Skip instead of fail this test if the socket module has no ssl
support.
2001-09-06 09:54:47 +00:00
Barry Warsaw d1ed15edb3 A test of SSL support, using a roundabout method suggested by Guido.
However, this is only enabled with regrtest's --use=network switch.
2001-08-20 22:39:42 +00:00