Commit Graph

116 Commits

Author SHA1 Message Date
Serhiy Storchaka 2ef2fffe3b
gh-109845: Make test_ftplib more stable under load (GH-109912)
recv() can return partial data cut in the middle of a multibyte
character. Test raw binary data instead of data incorrectly decoded by parts.
2023-09-26 22:58:46 +03:00
Nikita Sobolev e57ecf6bbc
gh-108303: Move all certificates to `Lib/test/certdata/` (#109489) 2023-09-16 18:47:18 +02:00
Nikita Sobolev e56e33d271
gh-72719: Remove asyncore and asynchat modules (#96580)
Remove modules asyncore and asynchat, which were deprecated by PEP 594.

Co-authored-by: Jelle Zijlstra <jelle.zijlstra@gmail.com>
2022-11-08 16:48:58 +01:00
Victor Stinner ef0e72b31d
gh-94172: Remove keyfile, certfile and check_hostname parameters (#94173)
Remove the keyfile, certfile and check_hostname parameters,
deprecated since Python 3.6, in modules: ftplib, http.client,
imaplib, poplib and smtplib. Use the context parameter (ssl_context
in imaplib) instead.

Parameters following the removed parameters become keyword-only
parameters.

ftplib: Remove the FTP_TLS.ssl_version class attribute: use the
context parameter instead.
2022-11-03 18:32:25 +01:00
Hugo van Kemenade 9b027d4cea
gh-92169: Use warnings_helper.import_deprecated() to import deprecated modules uniformly in tests (GH-92170) 2022-05-03 10:17:54 +03:00
Christian Heimes deeaac49e2
bpo-40280: Skip socket, fork, subprocess tests on Emscripten (GH-31986)
- Add requires_fork and requires_subprocess to more tests
- Skip extension import tests if dlopen is not available
- Don't assume that _testcapi is a shared extension
- Skip a lot of socket tests that don't work on Emscripten
- Skip mmap tests, mmap emulation is incomplete
- venv does not work yet
- Cannot get libc from executable

The "entire" test suite is now passing on Emscripten with EMSDK from git head (91 suites are skipped).
2022-03-22 03:04:36 -07:00
Victor Stinner 0611eafc70
bpo-44359: Fix test_ftplib unhandled thread exceptions (GH-31069)
test_ftplib now silently ignores socket errors to prevent logging
unhandled threading exceptions.
2022-02-02 02:47:40 +01:00
Victor Stinner cf7eaa4617
Revert "bpo-28533: Remove asyncore, asynchat, smtpd modules (GH-29521)" (GH-29951)
This reverts commit 9bf2cbc4c4.
2021-12-07 12:31:04 +01:00
Victor Stinner 9bf2cbc4c4
bpo-28533: Remove asyncore, asynchat, smtpd modules (GH-29521)
Remove the asyncore and asynchat modules, deprecated in Python
3.6: use the asyncio module instead.

Remove the smtpd module, deprecated in Python 3.6: the aiosmtpd
module can be used instead, it is based on asyncio.

* Remove asyncore, asynchat and smtpd documentation
* Remove test_asyncore, test_asynchat and test_smtpd
* Rename Lib/asynchat.py to Lib/test/support/_asynchat.py
* Rename Lib/asyncore.py to Lib/test/support/_asyncore.py
* Rename Lib/smtpd.py to Lib/test/support/_smtpd.py
* Remove DeprecationWarning from private _asyncore, _asynchat and
  _smtpd modules
* _smtpd: remove deprecated properties
2021-11-16 00:29:17 +01:00
Serhiy Storchaka 40348acc18
bpo-45229: Remove test_main in many tests (GH-28405)
Instead of explicitly enumerate test classes for run_unittest()
use the unittest ability to discover tests. This also makes these
tests discoverable and runnable with unittest.

load_tests() can be used for dynamic generating tests and adding
doctests. setUpModule(), tearDownModule() and addModuleCleanup()
can be used for running code before and after all module tests.
2021-09-19 15:27:33 +03:00
Irit Katriel 22e7effad5
bpo-44498: suppress DeprecationWarnings for asynchat, asyncore and smtpd in tests (GH-26905) 2021-06-25 00:20:40 +01:00
Christian Heimes 2875c603b2
bpo-43880: Show DeprecationWarnings for deprecated ssl module features (GH-25455)
* ssl.OP_NO_SSLv2
* ssl.OP_NO_SSLv3
* ssl.OP_NO_TLSv1
* ssl.OP_NO_TLSv1_1
* ssl.OP_NO_TLSv1_2
* ssl.OP_NO_TLSv1_3
* ssl.PROTOCOL_SSLv2
* ssl.PROTOCOL_SSLv3
* ssl.PROTOCOL_SSLv23 (alias for PROTOCOL_TLS)
* ssl.PROTOCOL_TLS
* ssl.PROTOCOL_TLSv1
* ssl.PROTOCOL_TLSv1_1
* ssl.PROTOCOL_TLSv1_2
* ssl.TLSVersion.SSLv3
* ssl.TLSVersion.TLSv1
* ssl.TLSVersion.TLSv1_1
* ssl.wrap_socket()
* ssl.RAND_pseudo_bytes()
* ssl.RAND_egd() (already removed since it's not supported by OpenSSL 1.1.1)
* ssl.SSLContext() without a protocol argument
* ssl.match_hostname()
* hashlib.pbkdf2_hmac() (pure Python implementation, fast OpenSSL
  function will stay)

Signed-off-by: Christian Heimes <christian@python.org>
2021-04-19 07:27:10 +02:00
Gregory P. Smith 0ab152c6b5
bpo-43285 Make ftplib not trust the PASV response. (GH-24838)
bpo-43285: Make ftplib not trust the PASV response.

The IPv4 address value returned from the server in response to the PASV command
should not be trusted.  This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the client network.

Instead of using the returned address, we use the IP address we're
already connected to.  This is the strategy other ftp clients adopted,
and matches the only strategy available for the modern IPv6 EPSV command
where the server response must return a port number and nothing else.

For the rare user who _wants_ this ugly behavior, set a `trust_server_pasv_ipv4_address`
attribute on your `ftplib.FTP` instance to True.
2021-03-15 11:39:31 -07:00
Christian Heimes 03c8ddd9e9
bpo-42413: socket.timeout is now an alias of TimeoutError (GH-23413)
Signed-off-by: Christian Heimes <christian@python.org>
2020-11-20 00:26:07 -08:00
Victor Stinner fbf43f051e
bpo-41521: Rename blacklist parameter to not_exported (GH-21824)
Rename "blacklist" parameter of test.support.check__all__() to
"not_exported".
2020-08-17 07:20:40 +02:00
Hai Shi 4660597b51
bpo-40275: Use new test.support helper submodules in tests (GH-21448) 2020-08-03 18:49:18 +02:00
Hai Shi e80697d687
bpo-40275: Adding threading_helper submodule in test.support (GH-20263) 2020-05-28 00:10:27 +02:00
Serhiy Storchaka 16994912c9
bpo-40275: Avoid importing socket in test.support (GH-19603)
* Move socket related functions from test.support to socket_helper.
* Import socket, nntplib and urllib.error lazily in transient_internet().
* Remove importing multiprocess.
2020-04-25 10:06:29 +03:00
Sebastian Pedersen a1a0eb4a39
bpo-39380: Change ftplib encoding from latin-1 to utf-8 (GH-18048)
Add the encoding in ftplib.FTP and ftplib.FTP_TLS to the
constructor as keyword-only and change the default from "latin-1" to "utf-8"
to follow RFC 2640.
2020-04-14 01:07:56 +02:00
Dong-hee Na a190e2ade1 bpo-39259: ftplib.FTP/FTP_TLS now reject timeout = 0 (GH-17959) 2020-01-13 20:34:34 +01:00
Victor Stinner 07871b256c
bpo-38614: Use test.support.LOOPBACK_TIMEOUT constant (GH-17554)
Replace hardcoded timeout constants in tests with LOOPBACK_TIMEOUT of
test.support, so it's easier to ajdust this timeout for all tests at
once.
2019-12-10 20:32:59 +01:00
Pablo Galindo 293dd23477
Remove binding of captured exceptions when not used to reduce the chances of creating cycles (GH-17246)
Capturing exceptions into names can lead to reference cycles though the __traceback__ attribute of the exceptions in some obscure cases that have been reported previously and fixed individually. As these variables are not used anyway, we can remove the binding to reduce the chances of creating reference cycles.

See for example GH-13135
2019-11-19 21:34:03 +00:00
Giampaolo Rodola eb7e29f2a9
bpo-35934: Add socket.create_server() utility function (GH-11784) 2019-04-09 00:34:02 +02:00
Christian Heimes 1590c39336
bpo-34391: Fix ftplib test for TLS 1.3 (GH-8787)
Read from data socket to avoid "[SSL] shutdown while in init" exception
during shutdown of the dummy server.

Signed-off-by: Christian Heimes <christian@python.org>


<!-- issue-number: [bpo-34391](https://www.bugs.python.org/issue34391) -->
https://bugs.python.org/issue34391
<!-- /issue-number -->
2018-08-16 19:43:44 +02:00
Christian Heimes 529525fb5a
bpo-33618: Enable TLS 1.3 in tests (GH-7079)
TLS 1.3 behaves slightly different than TLS 1.2. Session tickets and TLS
client cert auth are now handled after the initialy handshake. Tests now
either send/recv data to trigger session and client certs. Or tests
ignore ConnectionResetError / BrokenPipeError on the server side to
handle clients that force-close the socket fd.

To test TLS 1.3, OpenSSL 1.1.1-pre7-dev (git master + OpenSSL PR
https://github.com/openssl/openssl/pull/6340) is required.

Signed-off-by: Christian Heimes <christian@python.org>
2018-05-23 22:24:45 +02:00
Christian Heimes 05d9fe32a1
bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes (#5663)
* bpo-32947: OpenSSL 1.1.1-pre1 / TLS 1.3 fixes

Misc fixes and workarounds for compatibility with OpenSSL 1.1.1-pre1 and
TLS 1.3 support. With OpenSSL 1.1.1, Python negotiates TLS 1.3 by
default. Some test cases only apply to TLS 1.2. Other tests currently
fail because the threaded or async test servers stop after failure.

I'm going to address these issues when OpenSSL 1.1.1 reaches beta.

OpenSSL 1.1.1 has added a new option OP_ENABLE_MIDDLEBOX_COMPAT for TLS
1.3. The feature is enabled by default for maximum compatibility with
broken middle boxes. Users should be able to disable the hack and CPython's test suite needs
it to verify default options.

Signed-off-by: Christian Heimes <christian@python.org>
2018-02-27 08:55:39 +01:00
Victor Stinner 51500f3745
bpo-32706: Skip test_ftplib.test_check_hostname() (#5422)
This test is unstable and currently prevents to make any new change
since the test always fails on Travis CI.

Skip the test to get more time to fix it.
2018-01-29 13:21:34 +01:00
Christian Heimes 61d478c71c
bpo-31399: Let OpenSSL verify hostname and IP address (#3462)
bpo-31399: Let OpenSSL verify hostname and IP

The ssl module now uses OpenSSL's X509_VERIFY_PARAM_set1_host() and
X509_VERIFY_PARAM_set1_ip() API to verify hostname and IP addresses.

* Remove match_hostname calls
* Check for libssl with set1_host, libssl must provide X509_VERIFY_PARAM_set1_host()
* Add documentation for OpenSSL 1.0.2 requirement
* Don't support OpenSSL special mode with a leading dot, e.g. ".example.org" matches "www.example.org". It's not standard conform.
* Add hostname_checks_common_name

Signed-off-by: Christian Heimes <christian@python.org>
2018-01-27 15:51:38 +01:00
Christian Heimes a170fa162d bpo-31346: Use PROTOCOL_TLS_CLIENT/SERVER (#3058)
Replaces PROTOCOL_TLSv* and PROTOCOL_SSLv23 with PROTOCOL_TLS_CLIENT and
PROTOCOL_TLS_SERVER.

Signed-off-by: Christian Heimes <christian@python.org>
2017-09-15 20:27:30 +02:00
Victor Stinner b157ce1e58 bpo-31234: Fix dangling thread in test_ftplib (#3544)
Clear also self.server_thread attribute in TestTimeouts.tearDown().
2017-09-13 06:43:58 -07:00
Victor Stinner d403a29c00 bpo-31234: Fix dangling thread in test_ftp/poplib (#3540)
Explicitly clear the server attribute in test_ftplib and test_poplib
to prevent dangling thread.
2017-09-13 03:58:25 -07:00
Antoine Pitrou a6a4dc816d bpo-31370: Remove support for threads-less builds (#3385)
* Remove Setup.config
* Always define WITH_THREAD for compatibility.
2017-09-07 18:56:24 +02:00
Dong-hee Na 2b1e6e9696 bpo-30119: fix ftplib.FTP.putline() to throw an error for a illegal command (#1214) 2017-07-22 19:20:22 +02:00
Victor Stinner 73528640ff bpo-30818: test_ftplib calls asyncore.close_all() (#2514)
Always clear asyncore socket map using
asyncore.close_all(ignore_all=True) in tearDown() method.

This change should fix this warning:

Warning -- asyncore.socket_map was modified by test_ftplib
  Before: {}
  After:  {4: <test.test_ftplib.DummyTLS_FTPServer 127.0.0.1:0 at 0x805feccf0>}
2017-06-30 17:36:57 +02:00
Christian Heimes d04863771b Issue #28022: Deprecate ssl-related arguments in favor of SSLContext.
The deprecation include manual creation of SSLSocket and certfile/keyfile
(or similar) in ftplib, httplib, imaplib, smtplib, poplib and urllib.

ssl.wrap_socket() is not marked as deprecated yet.
2016-09-10 23:23:33 +02:00
Martin Panter 19e69c5a20 Issue #23883: Add missing APIs to __all__; patch by Jacek Kołodziej 2015-11-14 12:46:42 +00:00
Benjamin Peterson 22293df016 merge 3.4 (#22935) 2014-12-05 22:11:33 -05:00
Benjamin Peterson e32467cf6a allow ssl module to compile if openssl doesn't support SSL 3 (closes #22935)
Patch by Kurt Roeckx.
2014-12-05 21:59:35 -05:00
Benjamin Peterson f9284ae8ed merge 3.4 (#22921) 2014-11-23 17:06:39 -06:00
Benjamin Peterson 7243b574e5 don't require OpenSSL SNI to pass hostname to ssl functions (#22921)
Patch by Donald Stufft.
2014-11-23 17:04:34 -06:00
Berker Peksag 8f791d358b Issue #6623: Remove deprecated Netrc class in the ftplib module.
Patch by Matt Chaput.
2014-11-01 10:45:57 +02:00
Charles-François Natali 6e20460dc6 Issue #21566: Make use of socket.listen() default backlog. 2014-07-23 19:28:13 +01:00
Serhiy Storchaka d3e1207191 Issue #20555: Use specific asserts in urllib, httplib, ftplib, cgi, wsgiref tests. 2014-02-08 14:51:10 +02:00
Serhiy Storchaka 25d8aeac7c Issue #20555: Use specific asserts in urllib, httplib, ftplib, cgi, wsgiref tests. 2014-02-08 14:50:08 +02:00
Christian Heimes b2a794d235 fixed test_ftplib 2013-12-15 19:50:13 +01:00
Christian Heimes e7945d76ff test_ftplib: skip check_hostname test when SNI is not available 2013-12-15 19:38:22 +01:00
Christian Heimes e5b5edfa2c Issue #19781: ftplib now supports SSLContext.check_hostname and server name
indication for TLS/SSL connections.
2013-12-02 02:56:02 +01:00
Serhiy Storchaka 43767638a9 Issue #18702: All skipped tests now reported as skipped. 2013-11-03 21:31:38 +02:00
Serhiy Storchaka 7908068627 Issue #18702: All skipped tests now reported as skipped. 2013-11-03 21:31:18 +02:00
Serhiy Storchaka 2acc456c33 Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by
limiting the call to readline().  Original patch by Michał
Jastrzębski and Giampaolo Rodola.
2013-10-20 17:02:10 +03:00