pathod: properly verify certificate in tests

2024-11-23 00:01:36 +00:00 · 2017-05-24 17:22:59 +02:00 · 2017-05-24 17:22:59 +02:00 · 673ed5b45e
commit 673ed5b45e
parent 6214c6e185
2 changed files with 14 additions and 30 deletions
--- a/test/pathod/test_test.py
+++ b/test/pathod/test_test.py
@ -1,15 +1,10 @@
-import logging
+import os
 import requests
 import pytest

-from pathod import test
-
 from mitmproxy.test import tutils
-
-import requests.packages.urllib3
-
-requests.packages.urllib3.disable_warnings()
-logging.disable(logging.CRITICAL)
+from pathod import test
+from pathod.pathod import SSLOptions, CA_CERT_NAME


 class TestDaemonManual:
@ -22,29 +17,17 @@ class TestDaemonManual:
        with pytest.raises(requests.ConnectionError):
            requests.get("http://localhost:%s/p/202:da" % d.port)

-    def test_startstop_ssl(self):
-        d = test.Daemon(ssl=True)
-        rsp = requests.get(
-            "https://localhost:%s/p/202:da" %
-            d.port,
-            verify=False)
-        assert rsp.ok
-        assert rsp.status_code == 202
-        d.shutdown()
-        with pytest.raises(requests.ConnectionError):
-            requests.get("http://localhost:%s/p/202:da" % d.port)
-
-    def test_startstop_ssl_explicit(self):
-        ssloptions = dict(
-            certfile=tutils.test_data.path("pathod/data/testkey.pem"),
-            cacert=tutils.test_data.path("pathod/data/testkey.pem"),
-            ssl_after_connect=False
+    @pytest.mark.parametrize('not_after_connect', [True, False])
+    def test_startstop_ssl(self, not_after_connect):
+        ssloptions = SSLOptions(
+            cn=b'localhost',
+            sans=[b'localhost', b'127.0.0.1'],
+            not_after_connect=not_after_connect,
        )
-        d = test.Daemon(ssl=ssloptions)
+        d = test.Daemon(ssl=True, ssloptions=ssloptions)
        rsp = requests.get(
-            "https://localhost:%s/p/202:da" %
-            d.port,
-            verify=False)
+            "https://localhost:%s/p/202:da" % d.port,
+            verify=os.path.join(d.thread.server.ssloptions.confdir, CA_CERT_NAME))
        assert rsp.ok
        assert rsp.status_code == 202
        d.shutdown()
--- a/test/pathod/tservers.py
+++ b/test/pathod/tservers.py
@ -13,6 +13,7 @@ from pathod import language
 from pathod import pathoc
 from pathod import pathod
 from pathod import test
+from pathod.pathod import CA_CERT_NAME


 def treader(bytes):
@ -72,7 +73,7 @@ class DaemonTests:
                self.d.port,
                path
            ),
-            verify=False,
+            verify=os.path.join(self.d.thread.server.ssloptions.confdir, CA_CERT_NAME),
            params=params
        )
        return resp