Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / pyopenssl / 7d5a3bfd55c7c9de71af877e773dce4554cf455b^! / . / tests / test_ssl.py
commit7d5a3bfd55c7c9de71af877e773dce4554cf455b[log] [tgz]
authorPaul Kehrer <paul.l.kehrer@gmail.com>Mon Jan 21 12:24:02 2019 -0600
committerAlex Gaynor <alex.gaynor@gmail.com>Mon Jan 21 12:24:02 2019 -0600
tree8a58b2279c0ce53790e06f5e5c29ede75d46f91c
parent37e6022e8a907ef52a3eba4c53edac8c32bedfc0 [diff] [blame]
Hypothetically fixes pyOpenSSL tests (#805)

* fix openssl CLI testing for 1.1.1

* various 1.1.1 related fixes

some of which are just admitting TLS 1.3 is fundamentally different and
pinning the tests to TLS 1.2

* flake8 fixes

* allow travis_infra env var through

* fix twisted

diff --git a/tests/test_ssl.py b/tests/test_ssl.py
index fbf0760..bddeaa9 100644
--- a/tests/test_ssl.py
+++ b/tests/test_ssl.py

@@ -216,14 +216,14 @@
     return [(cakey, cacert), (ikey, icert), (skey, scert)]
 
 
-def loopback_client_factory(socket):
-    client = Connection(Context(SSLv23_METHOD), socket)
+def loopback_client_factory(socket, version=SSLv23_METHOD):
+    client = Connection(Context(version), socket)
     client.set_connect_state()
     return client
 
 
-def loopback_server_factory(socket):
-    ctx = Context(SSLv23_METHOD)
+def loopback_server_factory(socket, version=SSLv23_METHOD):
+    ctx = Context(version)
     ctx.use_privatekey(load_privatekey(FILETYPE_PEM, server_key_pem))
     ctx.use_certificate(load_certificate(FILETYPE_PEM, server_cert_pem))
     server = Connection(ctx, socket)
@@ -1307,13 +1307,13 @@
         exception, verification fails and the exception is propagated to the
         caller of `Connection.do_handshake`.
         """
-        serverContext = Context(TLSv1_METHOD)
+        serverContext = Context(TLSv1_2_METHOD)
         serverContext.use_privatekey(
             load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM))
         serverContext.use_certificate(
             load_certificate(FILETYPE_PEM, cleartextCertificatePEM))
 
-        clientContext = Context(TLSv1_METHOD)
+        clientContext = Context(TLSv1_2_METHOD)
 
         def verify_callback(*args):
             raise Exception("silly verify failure")
@@ -2539,7 +2539,7 @@
         """
         key = load_privatekey(FILETYPE_PEM, server_key_pem)
         cert = load_certificate(FILETYPE_PEM, server_cert_pem)
-        ctx = Context(SSLv23_METHOD)
+        ctx = Context(TLSv1_2_METHOD)
         ctx.use_privatekey(key)
         ctx.use_certificate(cert)
         ctx.set_session_id("unity-test")
@@ -3193,7 +3193,10 @@
         """
         Go through a complete renegotiation cycle.
         """
-        server, client = loopback()
+        server, client = loopback(
+            lambda s: loopback_server_factory(s, TLSv1_2_METHOD),
+            lambda s: loopback_client_factory(s, TLSv1_2_METHOD),
+        )
 
         server.send(b"hello world")