| Server IP : 52.223.31.75 / Your IP : 172.31.32.98 [ Web Server : Apache/2.4.66 () OpenSSL/1.0.2k-fips PHP/7.4.33 System : Linux ip-172-31-14-81.eu-central-1.compute.internal 4.14.281-212.502.amzn2.x86_64 #1 SMP Thu May 26 09:52:17 UTC 2022 x86_64 User : apache ( 48) PHP Version : 7.4.33 Disable Function : NONE Domains : 4 Domains MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /lib/python2.7/site-packages/ndg/httpsclient/test/ |
Upload File : |
"""unit tests module for ndg.httpsclient.https.HTTPSconnection class
PyOpenSSL utility to make a httplib-like interface suitable for use with
urllib2
"""
__author__ = "P J Kershaw (STFC)"
__date__ = "06/01/12"
__copyright__ = "(C) 2012 Science and Technology Facilities Council"
__license__ = "BSD - see LICENSE file in top-level directory"
__contact__ = "Philip.Kershaw@stfc.ac.uk"
__revision__ = '$Id$'
import logging
logging.basicConfig(level=logging.DEBUG)
log = logging.getLogger(__name__)
import unittest
import socket
from OpenSSL import SSL
from ndg.httpsclient.test import Constants
from ndg.httpsclient.https import HTTPSConnection
from ndg.httpsclient.ssl_peer_verification import ServerSSLCertVerification
class TestHTTPSConnection(unittest.TestCase):
'''Test ndg HTTPS client HTTPSConnection class'''
def test01_open(self):
conn = HTTPSConnection(Constants.HOSTNAME, port=Constants.PORT)
conn.connect()
conn.request('GET', '/')
resp = conn.getresponse()
print('Response = %s' % resp.read())
conn.close()
def test02_open_fails(self):
conn = HTTPSConnection(Constants.HOSTNAME, port=Constants.PORT2)
self.failUnlessRaises(socket.error, conn.connect)
def test03_ssl_verification_of_peer_fails(self):
ctx = SSL.Context(SSL.SSLv3_METHOD)
def verify_callback(conn, x509, errnum, errdepth, preverify_ok):
log.debug('SSL peer certificate verification failed for %r',
x509.get_subject())
return preverify_ok
ctx.set_verify(SSL.VERIFY_PEER, verify_callback)
ctx.set_verify_depth(9)
# Set bad location - unit test dir has no CA certs to verify with
ctx.load_verify_locations(None, Constants.UNITTEST_DIR)
conn = HTTPSConnection(Constants.HOSTNAME, port=Constants.PORT,
ssl_context=ctx)
conn.connect()
self.failUnlessRaises(SSL.Error, conn.request, 'GET', '/')
def test03_ssl_verification_of_peer_succeeds(self):
ctx = SSL.Context(SSL.SSLv3_METHOD)
verify_callback = lambda conn, x509, errnum, errdepth, preverify_ok: \
preverify_ok
ctx.set_verify(SSL.VERIFY_PEER, verify_callback)
ctx.set_verify_depth(9)
# Set correct location for CA certs to verify with
ctx.load_verify_locations(None, Constants.CACERT_DIR)
conn = HTTPSConnection(Constants.HOSTNAME, port=Constants.PORT,
ssl_context=ctx)
conn.connect()
conn.request('GET', '/')
resp = conn.getresponse()
print('Response = %s' % resp.read())
def test04_ssl_verification_with_subj_alt_name(self):
ctx = SSL.Context(SSL.SSLv3_METHOD)
verify_callback = ServerSSLCertVerification(hostname='localhost')
ctx.set_verify(SSL.VERIFY_PEER, verify_callback)
ctx.set_verify_depth(9)
# Set correct location for CA certs to verify with
ctx.load_verify_locations(None, Constants.CACERT_DIR)
conn = HTTPSConnection(Constants.HOSTNAME, port=Constants.PORT,
ssl_context=ctx)
conn.connect()
conn.request('GET', '/')
resp = conn.getresponse()
print('Response = %s' % resp.read())
def test04_ssl_verification_with_subj_common_name(self):
ctx = SSL.Context(SSL.SSLv3_METHOD)
# Explicitly set verification of peer hostname using peer certificate
# subject common name
verify_callback = ServerSSLCertVerification(hostname='localhost',
subj_alt_name_match=False)
ctx.set_verify(SSL.VERIFY_PEER, verify_callback)
ctx.set_verify_depth(9)
# Set correct location for CA certs to verify with
ctx.load_verify_locations(None, Constants.CACERT_DIR)
conn = HTTPSConnection(Constants.HOSTNAME, port=Constants.PORT,
ssl_context=ctx)
conn.connect()
conn.request('GET', '/')
resp = conn.getresponse()
print('Response = %s' % resp.read())
if __name__ == "__main__":
unittest.main()