mirror of
https://github.com/python/cpython.git
synced 2025-11-04 03:44:55 +00:00
1b7f891f41
svn+ssh://pythondev@svn.python.org/python/trunk ........ r58096 | brett.cannon | 2007-09-10 23:38:27 +0200 (Mon, 10 Sep 2007) | 4 lines Fix a possible segfault from recursing too deep to get the repr of a list. Closes issue #1096. ........ r58097 | bill.janssen | 2007-09-10 23:51:02 +0200 (Mon, 10 Sep 2007) | 33 lines More work on SSL support. * Much expanded test suite: All protocols tested against all other protocols. All protocols tested with all certificate options. Tests for bad key and bad cert. Test of STARTTLS functionality. Test of RAND_* functions. * Fixes for threading/malloc bug. * Issue 1065 fixed: sslsocket class renamed to SSLSocket. sslerror class renamed to SSLError. Function "wrap_socket" now used to wrap an existing socket. * Issue 1583946 finally fixed: Support for subjectAltName added. Subject name now returned as proper DN list of RDNs. * SSLError exported from socket as "sslerror". * RAND_* functions properly exported from ssl.py. * Documentation improved: Example of how to create a self-signed certificate. Better indexing. ........ r58098 | guido.van.rossum | 2007-09-11 00:02:25 +0200 (Tue, 11 Sep 2007) | 9 lines Patch # 1140 (my code, approved by Effbot). Make sure the type of the return value of re.sub(x, y, z) is the type of y+x (i.e. unicode if either is unicode, str if they are both str) even if there are no substitutions or if x==z (which triggered various special cases in join_list()). Could be backported to 2.5; no need to port to 3.0. ........ r58099 | guido.van.rossum | 2007-09-11 00:36:02 +0200 (Tue, 11 Sep 2007) | 8 lines Patch # 1026 by Benjamin Aranguren (with Alex Martelli): Backport abc.py and isinstance/issubclass overloading to 2.6. I had to backport test_typechecks.py myself, and make one small change to abc.py to avoid duplicate work when x.__class__ and type(x) are the same. ........ r58100 | bill.janssen | 2007-09-11 01:41:24 +0200 (Tue, 11 Sep 2007) | 3 lines A better way of finding an open port to test with. ........ r58101 | bill.janssen | 2007-09-11 03:09:19 +0200 (Tue, 11 Sep 2007) | 4 lines Make sure test_ssl doesn't reference the ssl module in a context where it can't be imported. ........ r58102 | bill.janssen | 2007-09-11 04:42:07 +0200 (Tue, 11 Sep 2007) | 3 lines Fix some documentation bugs. ........ r58103 | nick.coghlan | 2007-09-11 16:01:18 +0200 (Tue, 11 Sep 2007) | 1 line Always use the -E flag when spawning subprocesses in test_cmd_line (Issue 1056) ........ r58106 | thomas.heller | 2007-09-11 21:17:48 +0200 (Tue, 11 Sep 2007) | 3 lines Disable some tests that fail on the 'ppc Debian unstable' buildbot to find out if they cause the segfault on the 'alpha Debian' machine. ........ r58108 | brett.cannon | 2007-09-11 23:02:28 +0200 (Tue, 11 Sep 2007) | 6 lines Generators had their throw() method allowing string exceptions. That's a no-no. Fixes issue #1147. Need to fix 2.5 to raise a proper warning if a string exception is passed in. ........ r58112 | georg.brandl | 2007-09-12 20:03:51 +0200 (Wed, 12 Sep 2007) | 3 lines New documentation page for the bdb module. (This doesn't need to be merged to Py3k.) ........ r58114 | georg.brandl | 2007-09-12 20:05:57 +0200 (Wed, 12 Sep 2007) | 2 lines Bug #1152: use non-deprecated name in example. ........ r58115 | georg.brandl | 2007-09-12 20:08:33 +0200 (Wed, 12 Sep 2007) | 2 lines Fix #1122: wrong return type documented for various _Size() functions. ........ r58117 | georg.brandl | 2007-09-12 20:10:56 +0200 (Wed, 12 Sep 2007) | 2 lines Fix #1139: PyFile_Encoding really is PyFile_SetEncoding. ........ r58119 | georg.brandl | 2007-09-12 20:29:18 +0200 (Wed, 12 Sep 2007) | 2 lines bug #1154: release memory allocated by "es" PyArg_ParseTuple format specifier. ........ r58121 | bill.janssen | 2007-09-12 20:52:05 +0200 (Wed, 12 Sep 2007) | 1 line root certificate for https://svn.python.org/, used in test_ssl ........ r58122 | georg.brandl | 2007-09-12 21:00:07 +0200 (Wed, 12 Sep 2007) | 3 lines Bug #1153: repr.repr() now doesn't require set and dictionary items to be orderable to properly represent them. ........ r58125 | georg.brandl | 2007-09-12 21:29:28 +0200 (Wed, 12 Sep 2007) | 4 lines #1120: put explicit version in the shebang lines of pydoc, idle and smtpd.py scripts that are installed by setup.py. That way, they work when only "make altinstall" is used. ........ r58139 | mark.summerfield | 2007-09-13 16:54:30 +0200 (Thu, 13 Sep 2007) | 9 lines Replaced variable o with obj in operator.rst because o is easy to confuse. Added a note about Python 3's collections.Mapping etc., above section that describes isMappingType() etc. Added xrefs between os, os.path, fileinput, and open(). ........ r58143 | facundo.batista | 2007-09-13 20:13:15 +0200 (Thu, 13 Sep 2007) | 7 lines Merged the decimal-branch (revisions 54886 to 58140). Decimal is now fully updated to the latests Decimal Specification (v1.66) and the latests test cases (v2.56). Thanks to Mark Dickinson for all his help during this process. ........ r58145 | facundo.batista | 2007-09-13 20:42:09 +0200 (Thu, 13 Sep 2007) | 7 lines Put the parameter watchexp back in (changed watchexp from an int to a bool). Also second argument to watchexp is now converted to Decimal, just as with all the other two-argument operations. Thanks Mark Dickinson. ........ r58147 | andrew.kuchling | 2007-09-14 00:49:34 +0200 (Fri, 14 Sep 2007) | 1 line Add various items ........ r58148 | andrew.kuchling | 2007-09-14 00:50:10 +0200 (Fri, 14 Sep 2007) | 1 line Make target unique ........ r58154 | facundo.batista | 2007-09-14 20:58:34 +0200 (Fri, 14 Sep 2007) | 3 lines Included the new functions, and new descriptions. ........ r58155 | thomas.heller | 2007-09-14 21:40:35 +0200 (Fri, 14 Sep 2007) | 2 lines ctypes.util.find_library uses dump(1) instead of objdump(1) on Solaris. Fixes issue #1777530; will backport to release25-maint. ........ r58159 | facundo.batista | 2007-09-14 23:29:52 +0200 (Fri, 14 Sep 2007) | 3 lines Some additions (examples and a bit on the tutorial). ........ r58160 | georg.brandl | 2007-09-15 18:53:36 +0200 (Sat, 15 Sep 2007) | 2 lines Remove bdb from the "undocumented modules" list. ........ r58164 | bill.janssen | 2007-09-17 00:06:00 +0200 (Mon, 17 Sep 2007) | 15 lines Add support for asyncore server-side SSL support. This requires adding the 'makefile' method to ssl.SSLSocket, and importing the requisite fakefile class from socket.py, and making the appropriate changes to it to make it use the SSL connection. Added sample HTTPS server to test_ssl.py, and test that uses it. Change SSL tests to use https://svn.python.org/, instead of www.sf.net and pop.gmail.com. Added utility function to ssl module, get_server_certificate, to wrap up the several things to be done to pull a certificate from a remote server. ........ r58173 | bill.janssen | 2007-09-17 01:16:46 +0200 (Mon, 17 Sep 2007) | 1 line use binary mode when reading files for testAsyncore to make Windows happy ........ r58175 | raymond.hettinger | 2007-09-17 02:55:00 +0200 (Mon, 17 Sep 2007) | 7 lines Sync-up named tuples with the latest version of the ASPN recipe. Allows optional commas in the field-name spec (help when named tuples are used in conjuction with sql queries). Adds the __fields__ attribute for introspection and to support conversion to dictionary form. Adds a __replace__() method similar to str.replace() but using a named field as a target. Clean-up spelling and presentation in doc-strings. ........ r58176 | brett.cannon | 2007-09-17 05:28:34 +0200 (Mon, 17 Sep 2007) | 5 lines Add a bunch of GIL release/acquire points in tp_print implementations and for PyObject_Print(). Closes issue #1164. ........ r58177 | sean.reifschneider | 2007-09-17 07:45:04 +0200 (Mon, 17 Sep 2007) | 2 lines issue1597011: Fix for bz2 module corner-case error due to error checking bug. ........ r58180 | facundo.batista | 2007-09-17 18:26:50 +0200 (Mon, 17 Sep 2007) | 3 lines Decimal is updated, :) ........ r58181 | facundo.batista | 2007-09-17 19:30:13 +0200 (Mon, 17 Sep 2007) | 5 lines The methods always return Decimal classes, even if they're executed through a subclass (thanks Mark Dickinson). Added a bit of testing for this. ........ r58183 | sean.reifschneider | 2007-09-17 22:53:21 +0200 (Mon, 17 Sep 2007) | 2 lines issue1082: Fixing platform and system for Vista. ........ r58185 | andrew.kuchling | 2007-09-18 03:36:16 +0200 (Tue, 18 Sep 2007) | 1 line Add item; sort properly ........ r58186 | raymond.hettinger | 2007-09-18 05:33:19 +0200 (Tue, 18 Sep 2007) | 1 line Handle corner cased on 0-tuples and 1-tuples. Add verbose option so people can see how it works. ........ r58192 | georg.brandl | 2007-09-18 09:24:40 +0200 (Tue, 18 Sep 2007) | 2 lines A bit of reordering, also show more subheadings in the lang ref index. ........ r58193 | facundo.batista | 2007-09-18 18:53:18 +0200 (Tue, 18 Sep 2007) | 4 lines Speed up of the various division operations (remainder, divide, divideint and divmod). Thanks Mark Dickinson. ........ r58197 | raymond.hettinger | 2007-09-19 00:18:02 +0200 (Wed, 19 Sep 2007) | 1 line Cleanup docs for NamedTuple. ........
240 lines
7.4 KiB
Python
240 lines
7.4 KiB
Python
# Test just the SSL support in the socket module, in a moderately bogus way.
|
|
|
|
import sys
|
|
import unittest
|
|
from test import test_support
|
|
import socket
|
|
import errno
|
|
import threading
|
|
import subprocess
|
|
import time
|
|
import os
|
|
import urllib
|
|
|
|
# Optionally test SSL support, if we have it in the tested platform
|
|
skip_expected = not hasattr(socket, "ssl")
|
|
|
|
class ConnectedTests(unittest.TestCase):
|
|
|
|
def testBasic(self):
|
|
socket.RAND_status()
|
|
try:
|
|
socket.RAND_egd(1)
|
|
except TypeError:
|
|
pass
|
|
else:
|
|
print("didn't raise TypeError")
|
|
socket.RAND_add("this is a random string", 75.0)
|
|
|
|
with test_support.transient_internet():
|
|
f = urllib.urlopen('https://sf.net')
|
|
buf = f.read()
|
|
f.close()
|
|
|
|
def testTimeout(self):
|
|
def error_msg(extra_msg):
|
|
print("""\
|
|
WARNING: an attempt to connect to %r %s, in
|
|
test_timeout. That may be legitimate, but is not the outcome we
|
|
hoped for. If this message is seen often, test_timeout should be
|
|
changed to use a more reliable address.""" % (ADDR, extra_msg), file=sys.stderr)
|
|
|
|
# A service which issues a welcome banner (without need to write
|
|
# anything).
|
|
# XXX ("gmail.org", 995) has been unreliable so far, from time to
|
|
# XXX time non-responsive for hours on end (& across all buildbot
|
|
# XXX slaves, so that's not just a local thing).
|
|
ADDR = "gmail.org", 995
|
|
|
|
s = socket.socket()
|
|
s.settimeout(30.0)
|
|
try:
|
|
s.connect(ADDR)
|
|
except socket.timeout:
|
|
error_msg('timed out')
|
|
return
|
|
except socket.error as exc: # In case connection is refused.
|
|
if exc.args[0] == errno.ECONNREFUSED:
|
|
error_msg('was refused')
|
|
return
|
|
else:
|
|
raise
|
|
|
|
ss = socket.ssl(s)
|
|
# Read part of return welcome banner twice.
|
|
ss.read(1)
|
|
ss.read(1)
|
|
s.close()
|
|
|
|
class BasicTests(unittest.TestCase):
|
|
|
|
def testRudeShutdown(self):
|
|
# Some random port to connect to.
|
|
PORT = [9934]
|
|
|
|
listener_ready = threading.Event()
|
|
listener_gone = threading.Event()
|
|
|
|
# `listener` runs in a thread. It opens a socket listening on
|
|
# PORT, and sits in an accept() until the main thread connects.
|
|
# Then it rudely closes the socket, and sets Event `listener_gone`
|
|
# to let the main thread know the socket is gone.
|
|
def listener():
|
|
s = socket.socket()
|
|
PORT[0] = test_support.bind_port(s, '', PORT[0])
|
|
s.listen(5)
|
|
listener_ready.set()
|
|
s.accept()
|
|
s = None # reclaim the socket object, which also closes it
|
|
listener_gone.set()
|
|
|
|
def connector():
|
|
listener_ready.wait()
|
|
s = socket.socket()
|
|
s.connect(('localhost', PORT[0]))
|
|
listener_gone.wait()
|
|
try:
|
|
ssl_sock = socket.ssl(s)
|
|
except socket.sslerror:
|
|
pass
|
|
else:
|
|
raise test_support.TestFailed(
|
|
'connecting to closed SSL socket should have failed')
|
|
|
|
t = threading.Thread(target=listener)
|
|
t.start()
|
|
connector()
|
|
t.join()
|
|
|
|
def test_978833(self):
|
|
if test_support.verbose:
|
|
print("test_978833 ...")
|
|
|
|
import os, httplib, ssl
|
|
with test_support.transient_internet():
|
|
s = socket.socket(socket.AF_INET)
|
|
s.connect(("svn.python.org", 443))
|
|
fd = s.fileno()
|
|
sock = ssl.wrap_socket(s)
|
|
s = None
|
|
sock.close()
|
|
try:
|
|
os.fstat(fd)
|
|
except OSError:
|
|
pass
|
|
else:
|
|
raise test_support.TestFailed("Failed to close socket")
|
|
|
|
class OpenSSLTests(unittest.TestCase):
|
|
|
|
def testBasic(self):
|
|
s = socket.socket()
|
|
s.connect(("localhost", 4433))
|
|
ss = socket.ssl(s)
|
|
ss.write("Foo\n")
|
|
i = ss.read(4)
|
|
self.assertEqual(i, "Foo\n")
|
|
s.close()
|
|
|
|
def testMethods(self):
|
|
# read & write is already tried in the Basic test
|
|
# now we'll try to get the server info about certificates
|
|
# this came from the certificate I used, one I found in /usr/share/openssl
|
|
info = "/C=PT/ST=Queensland/L=Lisboa/O=Neuronio, Lda./OU=Desenvolvimento/CN=brutus.neuronio.pt/emailAddress=sampo@iki.fi"
|
|
|
|
s = socket.socket()
|
|
s.connect(("localhost", 4433))
|
|
ss = socket.ssl(s)
|
|
cert = ss.server()
|
|
self.assertEqual(cert, info)
|
|
cert = ss.issuer()
|
|
self.assertEqual(cert, info)
|
|
s.close()
|
|
|
|
|
|
class OpenSSLServer(threading.Thread):
|
|
def __init__(self):
|
|
self.s = None
|
|
self.keepServing = True
|
|
self._external()
|
|
if self.haveServer:
|
|
threading.Thread.__init__(self)
|
|
|
|
def _external(self):
|
|
# let's find the .pem files
|
|
curdir = os.path.dirname(__file__) or os.curdir
|
|
cert_file = os.path.join(curdir, "ssl_cert.pem")
|
|
if not os.access(cert_file, os.F_OK):
|
|
raise ValueError("No cert file found! (tried %r)" % cert_file)
|
|
key_file = os.path.join(curdir, "ssl_key.pem")
|
|
if not os.access(key_file, os.F_OK):
|
|
raise ValueError("No key file found! (tried %r)" % key_file)
|
|
|
|
try:
|
|
cmd = "openssl s_server -cert %s -key %s -quiet" % (cert_file, key_file)
|
|
self.s = subprocess.Popen(cmd.split(), stdin=subprocess.PIPE,
|
|
stdout=subprocess.PIPE,
|
|
stderr=subprocess.STDOUT)
|
|
time.sleep(1)
|
|
except:
|
|
self.haveServer = False
|
|
else:
|
|
# let's try if it is actually up
|
|
try:
|
|
s = socket.socket()
|
|
s.connect(("localhost", 4433))
|
|
s.close()
|
|
if self.s.stdout.readline() != "ERROR\n":
|
|
raise ValueError
|
|
except:
|
|
self.haveServer = False
|
|
else:
|
|
self.haveServer = True
|
|
|
|
def run(self):
|
|
while self.keepServing:
|
|
time.sleep(.5)
|
|
l = self.s.stdout.readline()
|
|
self.s.stdin.write(l)
|
|
|
|
def shutdown(self):
|
|
self.keepServing = False
|
|
if not self.s:
|
|
return
|
|
if sys.platform == "win32":
|
|
subprocess.TerminateProcess(int(self.s._handle), -1)
|
|
else:
|
|
os.kill(self.s.pid, 15)
|
|
|
|
def test_main():
|
|
if not hasattr(socket, "ssl"):
|
|
raise test_support.TestSkipped("socket module has no ssl support")
|
|
|
|
tests = [BasicTests]
|
|
|
|
if test_support.is_resource_enabled('network'):
|
|
tests.append(ConnectedTests)
|
|
|
|
# in these platforms we can kill the openssl process
|
|
if sys.platform in ("sunos5", "darwin", "linux1",
|
|
"linux2", "win32", "hp-ux11"):
|
|
|
|
server = OpenSSLServer()
|
|
if server.haveServer:
|
|
tests.append(OpenSSLTests)
|
|
server.start()
|
|
else:
|
|
server = None
|
|
|
|
thread_info = test_support.threading_setup()
|
|
|
|
try:
|
|
test_support.run_unittest(*tests)
|
|
finally:
|
|
if server is not None and server.haveServer:
|
|
server.shutdown()
|
|
|
|
test_support.threading_cleanup(*thread_info)
|
|
|
|
if __name__ == "__main__":
|
|
test_main()
|