311
314
# Windows 2000 SP 4 and Windows XP SP 2 give back WSAENOTSOCK for
312
# SSL.Connection.write for some reason.
313
if platform.getType() == 'win32':
315
# SSL.Connection.write for some reason. The twisted.protocols.tls
316
# implementation of IReactorSSL doesn't suffer from this imprecation,
317
# though, since it is isolated from the Windows I/O layer (I suppose?).
319
# If test_properlyCloseFiles waited for the SSL handshake to complete
320
# and performed an orderly shutdown, then this would probably be a
321
# little less weird: writing to a shutdown SSL connection has a more
322
# well-defined failure mode (or at least it should).
323
name = fullyQualifiedName(getClass(reactor))
324
if platform.getType() == 'win32' and name != self._iocp:
314
325
return errno.WSAENOTSOCK
315
326
# This is terribly implementation-specific.
316
327
return [('SSL routines', 'SSL_write', 'protocol is shutdown')]
563
L{OpenSSL.SSL.Context} double which can more easily be inspected.
565
def __init__(self, method):
566
self._method = method
570
def set_options(self, options):
571
self._options |= options
574
def use_certificate_file(self, fileName):
578
def use_privatekey_file(self, fileName):
583
class DefaultOpenSSLContextFactoryTests(unittest.TestCase):
585
Tests for L{ssl.DefaultOpenSSLContextFactory}.
588
# pyOpenSSL Context objects aren't introspectable enough. Pass in
589
# an alternate context factory so we can inspect what is done to it.
590
self.contextFactory = ssl.DefaultOpenSSLContextFactory(
591
certPath, certPath, _contextFactory=FakeContext)
592
self.context = self.contextFactory.getContext()
595
def test_method(self):
597
L{ssl.DefaultOpenSSLContextFactory.getContext} returns an SSL context
598
which can use SSLv3 or TLSv1 but not SSLv2.
600
# SSLv23_METHOD allows SSLv2, SSLv3, or TLSv1
601
self.assertEqual(self.context._method, SSL.SSLv23_METHOD)
603
# And OP_NO_SSLv2 disables the SSLv2 support.
604
self.assertTrue(self.context._options & SSL.OP_NO_SSLv2)
606
# Make sure SSLv3 and TLSv1 aren't disabled though.
607
self.assertFalse(self.context._options & SSL.OP_NO_SSLv3)
608
self.assertFalse(self.context._options & SSL.OP_NO_TLSv1)
611
def test_missingCertificateFile(self):
613
Instantiating L{ssl.DefaultOpenSSLContextFactory} with a certificate
614
filename which does not identify an existing file results in the
615
initializer raising L{OpenSSL.SSL.Error}.
619
ssl.DefaultOpenSSLContextFactory, certPath, self.mktemp())
622
def test_missingPrivateKeyFile(self):
624
Instantiating L{ssl.DefaultOpenSSLContextFactory} with a private key
625
filename which does not identify an existing file results in the
626
initializer raising L{OpenSSL.SSL.Error}.
630
ssl.DefaultOpenSSLContextFactory, self.mktemp(), certPath)
634
class ClientContextFactoryTests(unittest.TestCase):
636
Tests for L{ssl.ClientContextFactory}.
639
self.contextFactory = ssl.ClientContextFactory()
640
self.contextFactory._contextFactory = FakeContext
641
self.context = self.contextFactory.getContext()
644
def test_method(self):
646
L{ssl.ClientContextFactory.getContext} returns a context which can use
647
SSLv3 or TLSv1 but not SSLv2.
649
self.assertEqual(self.context._method, SSL.SSLv23_METHOD)
650
self.assertTrue(self.context._options & SSL.OP_NO_SSLv2)
651
self.assertFalse(self.context._options & SSL.OP_NO_SSLv3)
652
self.assertFalse(self.context._options & SSL.OP_NO_TLSv1)
550
656
if interfaces.IReactorSSL(reactor, None) is None:
551
657
for tCase in [StolenTCPTestCase, TLSTestCase, SpammyTLSTestCase,
552
BufferingTestCase, ConnectionLostTestCase]:
658
BufferingTestCase, ConnectionLostTestCase,
659
DefaultOpenSSLContextFactoryTests,
660
ClientContextFactoryTests]:
553
661
tCase.skip = "Reactor does not support SSL, cannot run SSL tests"
555
663
# Otherwise trial will run this test here