tls.py (1477:b93d1acf81bd) tls.py (1596:b7e2d4d92624)
1import os
2import re
3import ssl
4import subprocess
5
6from unit.applications.proto import TestApplicationProto
1import os
2import re
3import ssl
4import subprocess
5
6from unit.applications.proto import TestApplicationProto
7from conftest import option
7
8
9class TestApplicationTLS(TestApplicationProto):
8
9
10class TestApplicationTLS(TestApplicationProto):
10 def __init__(self, test):
11 super().__init__(test)
11 def setup_method(self):
12 super().setup_method()
12
13 self.context = ssl.create_default_context()
14 self.context.check_hostname = False
15 self.context.verify_mode = ssl.CERT_NONE
16
17 @classmethod
13
14 self.context = ssl.create_default_context()
15 self.context.check_hostname = False
16 self.context.verify_mode = ssl.CERT_NONE
17
18 @classmethod
18 def setUpClass(cls, complete_check=True):
19 unit = super().setUpClass(complete_check=False)
19 def setup_class(cls, complete_check=True):
20 unit = super().setup_class(complete_check=False)
20
21 # check tls module
22
23 try:
24 subprocess.check_output(['which', 'openssl'])
25
26 output = subprocess.check_output(
27 [unit.unitd, '--version'], stderr=subprocess.STDOUT

--- 12 unchanged lines hidden (view full) ---

40
41 subprocess.call(
42 [
43 'openssl',
44 'req',
45 '-x509',
46 '-new',
47 '-subj', '/CN=' + name + '/',
21
22 # check tls module
23
24 try:
25 subprocess.check_output(['which', 'openssl'])
26
27 output = subprocess.check_output(
28 [unit.unitd, '--version'], stderr=subprocess.STDOUT

--- 12 unchanged lines hidden (view full) ---

41
42 subprocess.call(
43 [
44 'openssl',
45 'req',
46 '-x509',
47 '-new',
48 '-subj', '/CN=' + name + '/',
48 '-config', self.testdir + '/openssl.conf',
49 '-out', self.testdir + '/' + name + '.crt',
50 '-keyout', self.testdir + '/' + name + '.key',
49 '-config', self.temp_dir + '/openssl.conf',
50 '-out', self.temp_dir + '/' + name + '.crt',
51 '-keyout', self.temp_dir + '/' + name + '.key',
51 ],
52 stderr=subprocess.STDOUT,
53 )
54
55 if load:
56 self.certificate_load(name)
57
58 def certificate_load(self, crt, key=None):
59 if key is None:
60 key = crt
61
52 ],
53 stderr=subprocess.STDOUT,
54 )
55
56 if load:
57 self.certificate_load(name)
58
59 def certificate_load(self, crt, key=None):
60 if key is None:
61 key = crt
62
62 key_path = self.testdir + '/' + key + '.key'
63 crt_path = self.testdir + '/' + crt + '.crt'
63 key_path = self.temp_dir + '/' + key + '.key'
64 crt_path = self.temp_dir + '/' + crt + '.crt'
64
65 with open(key_path, 'rb') as k, open(crt_path, 'rb') as c:
66 return self.conf(k.read() + c.read(), '/certificates/' + crt)
67
68 def get_ssl(self, **kwargs):
69 return self.get(wrapper=self.context.wrap_socket, **kwargs)
70
71 def post_ssl(self, **kwargs):

--- 10 unchanged lines hidden (view full) ---

82 ssl_version = ssl.PROTOCOL_TLSv1_2
83
84 else:
85 ssl_version = ssl.PROTOCOL_TLSv1_1
86
87 return ssl.get_server_certificate(addr, ssl_version=ssl_version)
88
89 def openssl_conf(self):
65
66 with open(key_path, 'rb') as k, open(crt_path, 'rb') as c:
67 return self.conf(k.read() + c.read(), '/certificates/' + crt)
68
69 def get_ssl(self, **kwargs):
70 return self.get(wrapper=self.context.wrap_socket, **kwargs)
71
72 def post_ssl(self, **kwargs):

--- 10 unchanged lines hidden (view full) ---

83 ssl_version = ssl.PROTOCOL_TLSv1_2
84
85 else:
86 ssl_version = ssl.PROTOCOL_TLSv1_1
87
88 return ssl.get_server_certificate(addr, ssl_version=ssl_version)
89
90 def openssl_conf(self):
90 conf_path = self.testdir + '/openssl.conf'
91 conf_path = self.temp_dir + '/openssl.conf'
91
92 if os.path.exists(conf_path):
93 return
94
95 with open(conf_path, 'w') as f:
96 f.write(
97 """[ req ]
98default_bits = 2048
99encrypt_key = no
100distinguished_name = req_distinguished_name
101[ req_distinguished_name ]"""
102 )
103
104 def load(self, script, name=None):
105 if name is None:
106 name = script
107
92
93 if os.path.exists(conf_path):
94 return
95
96 with open(conf_path, 'w') as f:
97 f.write(
98 """[ req ]
99default_bits = 2048
100encrypt_key = no
101distinguished_name = req_distinguished_name
102[ req_distinguished_name ]"""
103 )
104
105 def load(self, script, name=None):
106 if name is None:
107 name = script
108
108 script_path = self.current_dir + '/python/' + script
109 script_path = option.test_dir + '/python/' + script
109
110 self._load_conf(
111 {
112 "listeners": {"*:7080": {"pass": "applications/" + name}},
113 "applications": {
114 name: {
115 "type": "python",
116 "processes": {"spare": 0},
117 "path": script_path,
118 "working_directory": script_path,
119 "module": "wsgi",
120 }
121 },
122 }
123 )
110
111 self._load_conf(
112 {
113 "listeners": {"*:7080": {"pass": "applications/" + name}},
114 "applications": {
115 name: {
116 "type": "python",
117 "processes": {"spare": 0},
118 "path": script_path,
119 "working_directory": script_path,
120 "module": "wsgi",
121 }
122 },
123 }
124 )