o b%4 @s0dZddlmZmZmZddlmZmZddlm Z m Z ddl m Z m Z mZddlmZddlmZmZmZddlmZmZmZdd lmZdd lmZmZmZdd lm Z dd l!m"Z"m#Z#m$Z$dd l%m&Z&ddl'm(Z(ddl)m*Z*ddl+m,Z,zddl-m.Z.Wn e/ydZ.Yn wddl0m1Z1m2Z2m3Z3GdddZ4GdddZ5eeGdddZ6Gdddee5Z7GdddZ8Gddde4e eZ9Gd d!d!ee5Z:Gd"d#d#e4e e5ee8Z;Gd$d%d%e4e5e8e#e$e Ze;?e=>e9?e=>e<?Gd&d'd'e e"e5Z@e=>e@?dS)(z0 Tests for implementations of L{ITLSTransport}. )OptionalSequenceType) Interface implementer)Deferred DeferredList)SSL4ClientEndpointSSL4ServerEndpointTCP4ClientEndpoint)ConnectionClosed) IReactorSSLIStreamClientEndpoint ITLSTransport) ClientFactoryProtocol ServerFactory) Cooperator)BrokenContextFactoryConnectionTestsMixinEndpointCreator)ReactorBuilder)AbortConnectionMixinConnectToTCPListenerMixinStreamTransportTestsMixin) networkString)FilePath)platform)SkipTest) FILETYPE_PEMN)ClientContextFactoryKeyPairPrivateCertificatec@sBeZdZUegZeeeee d<e rdZ e e dZ dSdS)TLSMixinrequiredInterfaceszcFor some reason, these reactors don't deal with SSL disconnection correctly on Windows. See #3371.)z*twisted.internet.glib2reactor.Glib2Reactorz(twisted.internet.gtk2reactor.Gtk2ReactorN)__name__ __module__ __qualname__r r$rrrr__annotations__r isWindowsmsgskippedReactorsr,r,@/usr/lib/python3/dist-packages/twisted/internet/test/test_tls.pyr#3s  r#c@s@eZdZddlZeeejddZ [ddZ ddZ dS) ContextGeneratingMixinrNstests server.pemcCs(|j}t|t|tt}|S)zM Return a new SSL context suitable for use in a test server. )_pem getContentr"loadr!roptions)selfpemcertr,r,r-getServerContextIs z'ContextGeneratingMixin.getServerContextcCstSN)r r3r,r,r-getClientContextSsz'ContextGeneratingMixin.getClientContext) r%r&r'twistedrr__file__siblingchildr/r6r9r,r,r,r-r.As r.c@ eZdZdZddZddZdS)StartTLSClientEndpointa! An endpoint which wraps another one and adds a TLS layer immediately when connections are set up. @ivar wrapped: A L{IStreamClientEndpoint} provider which will be used to really set up connections. @ivar contextFactory: A L{ContextFactory} to use to do TLS. cCs||_||_dSr7)wrappedcontextFactory)r3r@rAr,r,r-__init__cs zStartTLSClientEndpoint.__init__cs$Gfdddt}j|S)z Establish a connection using a protocol build by C{factory} and immediately start TLS on it. Return a L{Deferred} which fires with the protocol instance. cseZdZfddZdS)z6StartTLSClientEndpoint.connect..WrapperFactorycs(|jffdd }|_S)Ncsjj|dSr7) transportstartTLSrA)orig)protocolr3r,r-connectionMadess z\StartTLSClientEndpoint.connect..WrapperFactory.buildProtocol..connectionMade) buildProtocolrG) wrapperSelfaddrrGfactoryr3)rFr-rHps zDStartTLSClientEndpoint.connect..WrapperFactory.buildProtocolN)r%r&r'rHr,rKr,r-WrapperFactoryosrM)rr@connect)r3rLrMr,rKr-rNgs zStartTLSClientEndpoint.connectN)r%r&r'__doc__rBrNr,r,r,r-r?Ws r?c@r>)StartTLSClientCreatorz{ Create L{ITLSTransport.startTLS} endpoint for the client, and normal SSL for server just because it's easier. cCt|d|S)z Construct an SSL server endpoint. This should be constructing a TCP server endpoint which immediately calls C{startTLS} instead, but that is hard. rr r6r3reactorr,r,r-serverszStartTLSClientCreator.servercCstt|d|jtS)zS Construct a TCP client endpoint wrapped to immediately start TLS. 127.0.0.1)r?r portr r3rT serverAddressr,r,r-clients zStartTLSClientCreator.clientNr%r&r'rOrUrZr,r,r,r-rP}s rPc@seZdZdZddZdS)BadContextTestsMixinz Mixin for L{ReactorBuilder} subclasses which defines a helper for testing the handling of broken context factories. cCs0|}|t||t}|tjt|dS)a Assert that the exception raised by a broken context factory's C{getContext} method is raised by some reactor method. If it is not, an exception will be raised to fail the test. @param useIt: A two-argument callable which will be called with a reactor and a broken context factory and which is expected to raise the same exception as the broken context factory's C{getContext} method. N) buildReactor assertRaises ValueErrorr assertEqualmessagestr)r3useItrTexcr,r,r-_testBadContexts z$BadContextTestsMixin._testBadContextN)r%r&r'rOrer,r,r,r-r\s r\c@seZdZdZeZdS)StartTLSClientTestsMixinz Tests for TLS connections established using L{ITLSTransport.startTLS} (as opposed to L{IReactorSSL.connectSSL} or L{IReactorSSL.listenSSL}). N)r%r&r'rOrP endpointsr,r,r,r-rfs rfc@r>) SSLCreatorz Create SSL endpoints. cCrQ)zQ Create an SSL server endpoint on a TCP/IP-stack allocated port. rrRrSr,r,r-rUszSSLCreator.servercCst|d|jtS)z Create an SSL client endpoint which will connect localhost on the port given by C{serverAddress}. @type serverAddress: L{IPv4Address} rV)r rWr rXr,r,r-rZs zSSLCreator.clientNr[r,r,r,r-rhs rhc@s&eZdZdZeZddZddZdS)SSLClientTestsMixinz< Mixin defining tests relating to L{ITLSTransport}. cCdd}||dS)z If the context factory passed to L{IReactorSSL.connectSSL} raises an exception from its C{getContext} method, that exception is raised by L{IReactorSSL.connectSSL}. cSs|ddt|S)NrVi) connectSSLrrTrAr,r,r-rcs z2SSLClientTestsMixin.test_badContext..useItNrer3rcr,r,r-test_badContextsz#SSLClientTestsMixin.test_badContextcs Gdddt}|t}t|_||_||_t}t|_||_| |_|jj |j_ gt |j|jgdd}fdd}| |j d|dd }||j|j|j|}||j| fd d |dtd td S)aO L{ITCPTransport.loseConnection} ends a connection which was set up with L{ITLSTransport.startTLS} and which has recently been written to. This is intended to verify that a socket send error masked by the TLS implementation doesn't prevent the connection from being reported as closed. c@s$eZdZddZddZddZdS)zQSSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..ShortProtocolcSsNt|js|jj}d|j_|tddS|j|jj|j ddS)NzNo ITLSTransport supportx) r providedByrCrLfinishederrbackrrDcontextwrite)r3rrr,r,r-rGs z`SSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..ShortProtocol.connectionMadecSs|jd|jdS)Ny)rCruloseConnection)r3datar,r,r- dataReceiveds z^SSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..ShortProtocol.dataReceivedcSs*|jj}|durd|j_||dSdSr7)rLrrcallback)r3reasonrrr,r,r-connectionLosts z`SSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..ShortProtocol.connectionLostN)r%r&r'rGryr|r,r,r,r- ShortProtocols r}T) consumeErrorscs"|dd|ddgdS)Nr)extend)results)lostConnectionResultsr,r- cbFinished"s"zNSSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..cbFinishedrrV) interfacecsSr7)stop)ignrTr,r-/szLSSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..rN)rr]rrrrrFr6rtrr9methodr addCallback listenTCP addCleanup stopListening connectTCPgetHosthostrW disconnect runReactortrapr )r3r} serverFactory clientFactoryrrrrW connectorr,)rrTr-&test_disconnectAfterWriteAfterStartTLSs6 !         z:SSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLSN)r%r&r'rOrhrgrorr,r,r,r-ris  ric@s8eZdZdZddZddZddZdd Zd d Zd S) TLSPortTestsBuilderz, Tests for L{IReactorSSL.listenSSL} cCs|d||S)z0 Get a TLS port from a reactor. r) listenSSLr6)r3rTrLr,r,r-getListeningPortAz$TLSPortTestsBuilder.getListeningPortcCsd||jfS)zY Get the message expected to be logged when a TLS port starts listening. z%s (TLS) starting on %drrW)r3rWrLr,r,r-#getExpectedStartListeningLogMessageGrz7TLSPortTestsBuilder.getExpectedStartListeningLogMessagecCsd|jdS)zJ Get the expected connection lost message for a TLS port. z (TLS Port z Closed)r)r3rWr,r,r-getExpectedConnectionLostLogMsgMrz3TLSPortTestsBuilder.getExpectedConnectionLostLogMsgcCrj)z If the context factory passed to L{IReactorSSL.listenSSL} raises an exception from its C{getContext} method, that exception is raised by L{IReactorSSL.listenSSL}. cSs|dt|S)Nr)rrrlr,r,r-rcZsz2TLSPortTestsBuilder.test_badContext..useItNrmrnr,r,r-roSsz#TLSPortTestsBuilder.test_badContextcCs||j|j||S)a Connect to the given listening TLS port, assuming the underlying transport is TCP. @param reactor: The reactor under test. @type reactor: L{IReactorSSL} @param address: The listening's address. Only the C{port} component is used; see L{ConnectToTCPListenerMixin.LISTENER_HOST}. @type address: L{IPv4Address} or L{IPv6Address} @param factory: The client factory. @type factory: L{ClientFactory} @return: The connector )rk LISTENER_HOSTrWr9)r3rTaddressrLr,r,r-connectToListener_s z%TLSPortTestsBuilder.connectToListenerN) r%r&r'rOrrrrorr,r,r,r-r5s rc@s,eZdZdZefZeZddZddZ dS)AbortSSLConnectionTestsz- C{abortConnection} tests using SSL. cs<t|ddlm}tfddd}||d|jS)Nr)_producer_helperscs d|S)Ngh㈵>) callLater)xrr,r-rs z6AbortSSLConnectionTests.buildReactor..) scheduler cooperate)rr]twisted.internetrrpatchr)r3r cooperatorr,rr-r]s  z$AbortSSLConnectionTests.buildReactorcCstdurtddS)NzOpenSSL not available.)rrr8r,r,r-setUpszAbortSSLConnectionTests.setUpN) r%r&r'rOr r$rhrgr]rr,r,r,r-r~s  r)ArOtypingrrrzope.interfacerrtwisted.internet.deferrrtwisted.internet.endpointsr r r twisted.internet.errorr twisted.internet.interfacesr rrtwisted.internet.protocolrrrtwisted.internet.taskr&twisted.internet.test.connectionmixinsrrr#twisted.internet.test.reactormixinsrtwisted.internet.test.test_tcprrrtwisted.python.compatrtwisted.python.filepathrtwisted.python.runtimertwisted.trial.unittestrOpenSSL.cryptor ImportErrortwisted.internet.sslr r!r"r#r.r?rPr\rfrhrirglobalsupdatemakeTestCaseClassesrr,r,r,r-sh        %  jD