2013-02-23 22:08:43 +00:00
|
|
|
import cStringIO, Queue, time, socket
|
2013-01-25 02:54:41 +00:00
|
|
|
from netlib import tcp, certutils, test
|
2013-01-26 08:19:35 +00:00
|
|
|
import mock
|
2012-06-18 21:42:32 +00:00
|
|
|
import tutils
|
|
|
|
|
2012-06-25 21:50:42 +00:00
|
|
|
class SNIHandler(tcp.BaseHandler):
|
|
|
|
sni = None
|
|
|
|
def handle_sni(self, connection):
|
|
|
|
self.sni = connection.get_servername()
|
|
|
|
|
|
|
|
def handle(self):
|
|
|
|
self.wfile.write(self.sni)
|
|
|
|
self.wfile.flush()
|
|
|
|
|
|
|
|
|
2012-06-25 04:16:01 +00:00
|
|
|
class EchoHandler(tcp.BaseHandler):
|
2012-06-25 21:50:42 +00:00
|
|
|
sni = None
|
|
|
|
def handle_sni(self, connection):
|
|
|
|
self.sni = connection.get_servername()
|
|
|
|
|
2012-06-18 21:42:32 +00:00
|
|
|
def handle(self):
|
|
|
|
v = self.rfile.readline()
|
2013-01-27 06:21:18 +00:00
|
|
|
self.wfile.write(v)
|
2012-06-18 21:42:32 +00:00
|
|
|
self.wfile.flush()
|
|
|
|
|
|
|
|
|
2013-01-20 09:13:38 +00:00
|
|
|
class CertHandler(tcp.BaseHandler):
|
|
|
|
sni = None
|
|
|
|
def handle_sni(self, connection):
|
|
|
|
self.sni = connection.get_servername()
|
|
|
|
|
|
|
|
def handle(self):
|
|
|
|
self.wfile.write("%s\n"%self.clientcert.serial)
|
|
|
|
self.wfile.flush()
|
|
|
|
|
|
|
|
|
2013-08-21 10:42:30 +00:00
|
|
|
class ClientCipherListHandler(tcp.BaseHandler):
|
|
|
|
sni = None
|
|
|
|
|
|
|
|
def handle(self):
|
|
|
|
self.wfile.write("%s"%self.connection.get_cipher_list())
|
|
|
|
self.wfile.flush()
|
|
|
|
|
|
|
|
|
2012-06-25 04:16:01 +00:00
|
|
|
class DisconnectHandler(tcp.BaseHandler):
|
|
|
|
def handle(self):
|
2012-07-20 02:43:51 +00:00
|
|
|
self.close()
|
2012-06-25 04:16:01 +00:00
|
|
|
|
|
|
|
|
2012-07-21 04:10:54 +00:00
|
|
|
class HangHandler(tcp.BaseHandler):
|
|
|
|
def handle(self):
|
|
|
|
while 1:
|
|
|
|
time.sleep(1)
|
|
|
|
|
|
|
|
|
2012-09-30 22:30:02 +00:00
|
|
|
class TimeoutHandler(tcp.BaseHandler):
|
|
|
|
def handle(self):
|
|
|
|
self.timeout = False
|
|
|
|
self.settimeout(0.01)
|
|
|
|
try:
|
|
|
|
self.rfile.read(10)
|
|
|
|
except tcp.NetLibTimeout:
|
|
|
|
self.timeout = True
|
|
|
|
|
|
|
|
|
2013-01-25 02:54:41 +00:00
|
|
|
class TestServer(test.ServerTestBase):
|
2013-01-25 03:03:59 +00:00
|
|
|
handler = EchoHandler
|
2012-06-18 21:42:32 +00:00
|
|
|
def test_echo(self):
|
|
|
|
testval = "echo!\n"
|
2012-06-25 02:42:15 +00:00
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
2012-06-24 23:23:04 +00:00
|
|
|
c.connect()
|
2012-06-18 21:42:32 +00:00
|
|
|
c.wfile.write(testval)
|
|
|
|
c.wfile.flush()
|
|
|
|
assert c.rfile.readline() == testval
|
|
|
|
|
2012-06-24 23:00:39 +00:00
|
|
|
|
2013-01-27 06:21:18 +00:00
|
|
|
|
|
|
|
class FinishFailHandler(tcp.BaseHandler):
|
|
|
|
def handle(self):
|
|
|
|
v = self.rfile.readline()
|
|
|
|
self.wfile.write(v)
|
|
|
|
self.wfile.flush()
|
|
|
|
o = mock.MagicMock()
|
|
|
|
self.wfile.close()
|
|
|
|
self.rfile.close()
|
|
|
|
self.close = mock.MagicMock(side_effect=socket.error)
|
|
|
|
|
|
|
|
|
|
|
|
class TestFinishFail(test.ServerTestBase):
|
|
|
|
"""
|
|
|
|
This tests a difficult-to-trigger exception in the .finish() method of
|
|
|
|
the handler.
|
|
|
|
"""
|
|
|
|
handler = FinishFailHandler
|
|
|
|
def test_disconnect_in_finish(self):
|
|
|
|
testval = "echo!\n"
|
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
|
|
|
c.wfile.write("foo\n")
|
|
|
|
c.wfile.flush()
|
|
|
|
c.rfile.read(4)
|
|
|
|
h = self.last_handler
|
|
|
|
h.finish()
|
|
|
|
|
|
|
|
|
2013-01-25 02:54:41 +00:00
|
|
|
class TestDisconnect(test.ServerTestBase):
|
2013-01-25 03:03:59 +00:00
|
|
|
handler = EchoHandler
|
2012-07-20 02:43:51 +00:00
|
|
|
def test_echo(self):
|
|
|
|
testval = "echo!\n"
|
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
|
|
|
c.wfile.write(testval)
|
|
|
|
c.wfile.flush()
|
|
|
|
assert c.rfile.readline() == testval
|
|
|
|
|
|
|
|
|
2013-01-25 02:54:41 +00:00
|
|
|
class TestServerSSL(test.ServerTestBase):
|
2013-01-25 03:03:59 +00:00
|
|
|
handler = EchoHandler
|
|
|
|
ssl = dict(
|
2013-01-25 02:54:41 +00:00
|
|
|
cert = tutils.test_data.path("data/server.crt"),
|
|
|
|
key = tutils.test_data.path("data/server.key"),
|
2013-05-12 20:48:21 +00:00
|
|
|
request_client_cert = False,
|
2013-01-25 02:54:41 +00:00
|
|
|
v3_only = False
|
2013-01-25 03:03:59 +00:00
|
|
|
)
|
2012-06-24 23:00:39 +00:00
|
|
|
def test_echo(self):
|
2012-06-25 02:42:15 +00:00
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
2012-06-24 23:23:04 +00:00
|
|
|
c.connect()
|
2013-01-26 08:29:45 +00:00
|
|
|
c.convert_to_ssl(sni="foo.com", options=tcp.OP_ALL)
|
2012-06-24 23:00:39 +00:00
|
|
|
testval = "echo!\n"
|
2012-06-18 21:42:32 +00:00
|
|
|
c.wfile.write(testval)
|
|
|
|
c.wfile.flush()
|
2012-06-24 23:00:39 +00:00
|
|
|
assert c.rfile.readline() == testval
|
2012-06-18 21:42:32 +00:00
|
|
|
|
2012-06-27 20:15:55 +00:00
|
|
|
def test_get_remote_cert(self):
|
|
|
|
assert certutils.get_remote_cert("127.0.0.1", self.port, None).digest("sha1")
|
|
|
|
|
2012-06-18 21:42:32 +00:00
|
|
|
|
2013-01-25 02:54:41 +00:00
|
|
|
class TestSSLv3Only(test.ServerTestBase):
|
2013-01-25 03:03:59 +00:00
|
|
|
handler = EchoHandler
|
|
|
|
ssl = dict(
|
|
|
|
cert = tutils.test_data.path("data/server.crt"),
|
|
|
|
key = tutils.test_data.path("data/server.key"),
|
2013-05-12 20:48:21 +00:00
|
|
|
request_client_cert = False,
|
2013-01-25 03:03:59 +00:00
|
|
|
v3_only = True
|
|
|
|
)
|
2012-07-04 09:30:07 +00:00
|
|
|
def test_failure(self):
|
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
|
|
|
tutils.raises(tcp.NetLibError, c.convert_to_ssl, sni="foo.com", method=tcp.TLSv1_METHOD)
|
|
|
|
|
|
|
|
|
2013-01-25 02:54:41 +00:00
|
|
|
class TestSSLClientCert(test.ServerTestBase):
|
2013-01-25 03:03:59 +00:00
|
|
|
handler = CertHandler
|
|
|
|
ssl = dict(
|
|
|
|
cert = tutils.test_data.path("data/server.crt"),
|
|
|
|
key = tutils.test_data.path("data/server.key"),
|
2013-05-12 20:48:21 +00:00
|
|
|
request_client_cert = True,
|
2013-01-25 03:03:59 +00:00
|
|
|
v3_only = False
|
|
|
|
)
|
2013-01-20 09:13:38 +00:00
|
|
|
def test_clientcert(self):
|
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
2013-02-24 02:36:15 +00:00
|
|
|
c.convert_to_ssl(cert=tutils.test_data.path("data/clientcert/client.pem"))
|
2013-01-20 09:13:38 +00:00
|
|
|
assert c.rfile.readline().strip() == "1"
|
|
|
|
|
2013-01-20 09:36:54 +00:00
|
|
|
def test_clientcert_err(self):
|
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
|
|
|
tutils.raises(
|
|
|
|
tcp.NetLibError,
|
|
|
|
c.convert_to_ssl,
|
2013-02-24 02:36:15 +00:00
|
|
|
cert=tutils.test_data.path("data/clientcert/make")
|
2013-01-20 09:36:54 +00:00
|
|
|
)
|
|
|
|
|
2013-01-20 09:13:38 +00:00
|
|
|
|
2013-01-25 02:54:41 +00:00
|
|
|
class TestSNI(test.ServerTestBase):
|
2013-01-25 03:03:59 +00:00
|
|
|
handler = SNIHandler
|
|
|
|
ssl = dict(
|
|
|
|
cert = tutils.test_data.path("data/server.crt"),
|
|
|
|
key = tutils.test_data.path("data/server.key"),
|
2013-05-12 20:48:21 +00:00
|
|
|
request_client_cert = False,
|
2013-01-25 03:03:59 +00:00
|
|
|
v3_only = False
|
|
|
|
)
|
2012-06-25 21:50:42 +00:00
|
|
|
def test_echo(self):
|
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
|
|
|
c.convert_to_ssl(sni="foo.com")
|
|
|
|
assert c.rfile.readline() == "foo.com"
|
|
|
|
|
|
|
|
|
2013-08-21 10:42:30 +00:00
|
|
|
class TestClientCipherList(test.ServerTestBase):
|
|
|
|
handler = ClientCipherListHandler
|
|
|
|
ssl = dict(
|
|
|
|
cert = tutils.test_data.path("data/server.crt"),
|
|
|
|
key = tutils.test_data.path("data/server.key"),
|
|
|
|
request_client_cert = False,
|
|
|
|
v3_only = False,
|
|
|
|
cipher_list = 'RC4-SHA'
|
|
|
|
)
|
|
|
|
def test_echo(self):
|
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
|
|
|
c.convert_to_ssl(sni="foo.com")
|
|
|
|
assert c.rfile.readline() == "['RC4-SHA']"
|
|
|
|
|
|
|
|
|
2013-01-25 02:54:41 +00:00
|
|
|
class TestSSLDisconnect(test.ServerTestBase):
|
2013-01-25 03:03:59 +00:00
|
|
|
handler = DisconnectHandler
|
|
|
|
ssl = dict(
|
|
|
|
cert = tutils.test_data.path("data/server.crt"),
|
|
|
|
key = tutils.test_data.path("data/server.key"),
|
2013-05-12 20:48:21 +00:00
|
|
|
request_client_cert = False,
|
2013-01-25 03:03:59 +00:00
|
|
|
v3_only = False
|
|
|
|
)
|
2012-06-25 04:16:01 +00:00
|
|
|
def test_echo(self):
|
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
|
|
|
c.convert_to_ssl()
|
|
|
|
# Excercise SSL.ZeroReturnError
|
|
|
|
c.rfile.read(10)
|
2012-07-20 02:43:51 +00:00
|
|
|
c.close()
|
|
|
|
tutils.raises(tcp.NetLibDisconnect, c.wfile.write, "foo")
|
|
|
|
tutils.raises(Queue.Empty, self.q.get_nowait)
|
|
|
|
|
|
|
|
|
2013-01-25 03:03:59 +00:00
|
|
|
class TestDisconnect(test.ServerTestBase):
|
2012-07-20 02:43:51 +00:00
|
|
|
def test_echo(self):
|
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
|
|
|
c.rfile.read(10)
|
|
|
|
c.wfile.write("foo")
|
|
|
|
c.close()
|
|
|
|
c.close()
|
2012-06-25 04:16:01 +00:00
|
|
|
|
|
|
|
|
2013-01-25 02:54:41 +00:00
|
|
|
class TestServerTimeOut(test.ServerTestBase):
|
2013-01-25 03:03:59 +00:00
|
|
|
handler = TimeoutHandler
|
2012-09-30 22:30:02 +00:00
|
|
|
def test_timeout(self):
|
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
|
|
|
time.sleep(0.3)
|
|
|
|
assert self.last_handler.timeout
|
|
|
|
|
|
|
|
|
2013-01-25 02:54:41 +00:00
|
|
|
class TestTimeOut(test.ServerTestBase):
|
2013-01-25 03:03:59 +00:00
|
|
|
handler = HangHandler
|
2012-09-30 22:30:02 +00:00
|
|
|
def test_timeout(self):
|
2012-07-21 04:10:54 +00:00
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
|
|
|
c.settimeout(0.1)
|
2013-01-26 08:29:45 +00:00
|
|
|
assert c.gettimeout() == 0.1
|
2012-07-21 04:10:54 +00:00
|
|
|
tutils.raises(tcp.NetLibTimeout, c.rfile.read, 10)
|
|
|
|
|
|
|
|
|
2013-01-25 02:54:41 +00:00
|
|
|
class TestSSLTimeOut(test.ServerTestBase):
|
2013-01-25 03:03:59 +00:00
|
|
|
handler = HangHandler
|
|
|
|
ssl = dict(
|
|
|
|
cert = tutils.test_data.path("data/server.crt"),
|
|
|
|
key = tutils.test_data.path("data/server.key"),
|
2013-05-12 20:48:21 +00:00
|
|
|
request_client_cert = False,
|
2013-01-25 03:03:59 +00:00
|
|
|
v3_only = False
|
|
|
|
)
|
2012-07-21 04:10:54 +00:00
|
|
|
def test_timeout_client(self):
|
|
|
|
c = tcp.TCPClient("127.0.0.1", self.port)
|
|
|
|
c.connect()
|
|
|
|
c.convert_to_ssl()
|
|
|
|
c.settimeout(0.1)
|
|
|
|
tutils.raises(tcp.NetLibTimeout, c.rfile.read, 10)
|
|
|
|
|
|
|
|
|
2012-06-18 21:42:32 +00:00
|
|
|
class TestTCPClient:
|
|
|
|
def test_conerr(self):
|
2012-06-25 02:42:15 +00:00
|
|
|
c = tcp.TCPClient("127.0.0.1", 0)
|
2012-06-24 23:23:04 +00:00
|
|
|
tutils.raises(tcp.NetLibError, c.connect)
|
2012-06-18 21:42:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
class TestFileLike:
|
2012-10-09 03:25:15 +00:00
|
|
|
def test_blocksize(self):
|
|
|
|
s = cStringIO.StringIO("1234567890abcdefghijklmnopqrstuvwxyz")
|
|
|
|
s = tcp.Reader(s)
|
|
|
|
s.BLOCKSIZE = 2
|
|
|
|
assert s.read(1) == "1"
|
|
|
|
assert s.read(2) == "23"
|
|
|
|
assert s.read(3) == "456"
|
|
|
|
assert s.read(4) == "7890"
|
|
|
|
d = s.read(-1)
|
|
|
|
assert d.startswith("abc") and d.endswith("xyz")
|
|
|
|
|
2012-06-18 21:42:32 +00:00
|
|
|
def test_wrap(self):
|
|
|
|
s = cStringIO.StringIO("foobar\nfoobar")
|
|
|
|
s.flush()
|
2012-09-23 23:10:21 +00:00
|
|
|
s = tcp.Reader(s)
|
2012-06-18 21:42:32 +00:00
|
|
|
assert s.readline() == "foobar\n"
|
|
|
|
assert s.readline() == "foobar"
|
|
|
|
# Test __getattr__
|
|
|
|
assert s.isatty
|
|
|
|
|
|
|
|
def test_limit(self):
|
|
|
|
s = cStringIO.StringIO("foobar\nfoobar")
|
2012-09-23 23:10:21 +00:00
|
|
|
s = tcp.Reader(s)
|
2012-06-18 21:42:32 +00:00
|
|
|
assert s.readline(3) == "foo"
|
2012-07-23 23:39:49 +00:00
|
|
|
|
|
|
|
def test_limitless(self):
|
|
|
|
s = cStringIO.StringIO("f"*(50*1024))
|
2012-09-23 23:10:21 +00:00
|
|
|
s = tcp.Reader(s)
|
2012-07-23 23:39:49 +00:00
|
|
|
ret = s.read(-1)
|
|
|
|
assert len(ret) == 50 * 1024
|
2012-09-23 23:10:21 +00:00
|
|
|
|
|
|
|
def test_readlog(self):
|
|
|
|
s = cStringIO.StringIO("foobar\nfoobar")
|
|
|
|
s = tcp.Reader(s)
|
|
|
|
assert not s.is_logging()
|
|
|
|
s.start_log()
|
|
|
|
assert s.is_logging()
|
|
|
|
s.readline()
|
|
|
|
assert s.get_log() == "foobar\n"
|
|
|
|
s.read(1)
|
|
|
|
assert s.get_log() == "foobar\nf"
|
|
|
|
s.start_log()
|
|
|
|
assert s.get_log() == ""
|
|
|
|
s.read(1)
|
|
|
|
assert s.get_log() == "o"
|
|
|
|
s.stop_log()
|
|
|
|
tutils.raises(ValueError, s.get_log)
|
|
|
|
|
|
|
|
def test_writelog(self):
|
|
|
|
s = cStringIO.StringIO()
|
|
|
|
s = tcp.Writer(s)
|
|
|
|
s.start_log()
|
|
|
|
assert s.is_logging()
|
|
|
|
s.write("x")
|
|
|
|
assert s.get_log() == "x"
|
|
|
|
s.write("x")
|
|
|
|
assert s.get_log() == "xx"
|
|
|
|
|
2013-01-26 08:19:35 +00:00
|
|
|
def test_writer_flush_error(self):
|
|
|
|
s = cStringIO.StringIO()
|
|
|
|
s = tcp.Writer(s)
|
|
|
|
o = mock.MagicMock()
|
|
|
|
o.flush = mock.MagicMock(side_effect=socket.error)
|
|
|
|
s.o = o
|
|
|
|
tutils.raises(tcp.NetLibDisconnect, s.flush)
|
|
|
|
|
|
|
|
def test_reader_read_error(self):
|
|
|
|
s = cStringIO.StringIO("foobar\nfoobar")
|
|
|
|
s = tcp.Reader(s)
|
|
|
|
o = mock.MagicMock()
|
|
|
|
o.read = mock.MagicMock(side_effect=socket.error)
|
|
|
|
s.o = o
|
|
|
|
tutils.raises(tcp.NetLibDisconnect, s.read, 10)
|
|
|
|
|
2013-01-16 20:30:19 +00:00
|
|
|
def test_reset_timestamps(self):
|
|
|
|
s = cStringIO.StringIO("foobar\nfoobar")
|
|
|
|
s = tcp.Reader(s)
|
|
|
|
s.first_byte_timestamp = 500
|
|
|
|
s.reset_timestamps()
|
|
|
|
assert not s.first_byte_timestamp
|
|
|
|
|
|
|
|
def test_first_byte_timestamp_updated_on_read(self):
|
|
|
|
s = cStringIO.StringIO("foobar\nfoobar")
|
|
|
|
s = tcp.Reader(s)
|
|
|
|
s.read(1)
|
|
|
|
assert s.first_byte_timestamp
|
|
|
|
expected = s.first_byte_timestamp
|
|
|
|
s.read(5)
|
|
|
|
assert s.first_byte_timestamp == expected
|
|
|
|
|
|
|
|
def test_first_byte_timestamp_updated_on_readline(self):
|
|
|
|
s = cStringIO.StringIO("foobar\nfoobar\nfoobar")
|
|
|
|
s = tcp.Reader(s)
|
|
|
|
s.readline()
|
|
|
|
assert s.first_byte_timestamp
|
|
|
|
expected = s.first_byte_timestamp
|
|
|
|
s.readline()
|
|
|
|
assert s.first_byte_timestamp == expected
|
2013-01-27 06:21:18 +00:00
|
|
|
|