3 ,sYC1@sFdZddlmZmZeZddlmZddlm Z ddl m Z ddl m Z ddlmZmZmZddlmZmZmZdd lmZmZdd lmZmZmZdd lmZdd lm Z dd l!m"Z"ddl#m$Z$ddl%m&Z&ddl'm(Z(m)Z)ddl*m+Z+m,Z,m-Z-yddl.m/Z/Wne0k rdZ/YnXddl1m2Z2m3Z3ddl1m4Z4GdddZ5Gddde6Z7eeGddde6Z8Gddde+e7Z9Gddde6Z:Gd d!d!e5e e,Z;Gd"d#d#e+e7Ze?j@e=jAe?j@e;jAe?j@e>jAGd(d)d)e e)e7ZBe?j@eBjAdS)*z0 Tests for implementations of L{ITLSTransport}. )divisionabsolute_import) implementer) networkString)FilePath)ReactorBuilder) ServerFactory ClientFactoryProtocol) IReactorSSL ITLSTransportIStreamClientEndpoint)Deferred DeferredList)SSL4ServerEndpointSSL4ClientEndpointTCP4ClientEndpoint)ConnectionClosed) Cooperator)SkipTest)platform)ObjectModelIntegrationMixin)StreamTransportTestsMixinAbortConnectionMixin)EndpointCreatorConnectionTestsMixinBrokenContextFactory) FILETYPE_PEMN)PrivateCertificateKeyPair)ClientContextFactoryc@s(eZdZegZejr$dZeedZdS)TLSMixinzcFor some reason, these reactors don't deal with SSL disconnection correctly on Windows. See #3371.)z*twisted.internet.glib2reactor.Glib2Reactorz(twisted.internet.gtk2reactor.Gtk2ReactorN) __name__ __module__ __qualname__r requiredInterfacesrZ isWindowsmsgZskippedReactorsr'r'@/usr/lib/python3/dist-packages/twisted/internet/test/test_tls.pyr!+s r!c@s@eZdZddlZeeejjdjdZ [ddZ ddZ dS) ContextGeneratingMixinrNstests server.pemcCs(|jj}tj|tj|tt}|jS)zM Return a new SSL context suitable for use in a test server. )_pemZ getContentrloadrrZoptions)selfZpemZcertr'r'r(getServerContext=s z'ContextGeneratingMixin.getServerContextcCstS)N)r )r,r'r'r(getClientContextGsz'ContextGeneratingMixin.getClientContext) r"r#r$Ztwistedrr__file__ZsiblingZchildr*r-r.r'r'r'r(r)7s  r)c@s eZdZdZddZddZdS)StartTLSClientEndpointa! An endpoint which wraps another one and adds a TLS layer immediately when connections are set up. @ivar wrapped: A L{IStreamClientEndpoint} provider which will be used to really set up connections. @ivar contextFactory: A L{ContextFactory} to use to do TLS. cCs||_||_dS)N)wrappedcontextFactory)r,r1r2r'r'r(__init__XszStartTLSClientEndpoint.__init__cs$Gfdddt}jj|S)z Establish a connection using a protocol build by C{factory} and immediately start TLS on it. Return a L{Deferred} which fires with the protocol instance. cseZdZfddZdS)z6StartTLSClientEndpoint.connect..WrapperFactorycs(j|jffdd }|_S)Ncsjjj|dS)N) transportstartTLSr2)Zorig)protocolr,r'r(connectionMadehsz\StartTLSClientEndpoint.connect..WrapperFactory.buildProtocol..connectionMade) buildProtocolr7)Z wrapperSelfZaddrr7)factoryr,)r6r(r8fs zDStartTLSClientEndpoint.connect..WrapperFactory.buildProtocolN)r"r#r$r8r')r9r,r'r(WrapperFactoryesr:)rr1connect)r,r9r:r')r9r,r(r;]s zStartTLSClientEndpoint.connectN)r"r#r$__doc__r3r;r'r'r'r(r0Ls r0c@s eZdZdZddZddZdS)StartTLSClientCreatorz{ Create L{ITLSTransport.startTLS} endpoint for the client, and normal SSL for server just because it's easier. cCst|d|jS)z Construct an SSL server endpoint. This should be constructing a TCP server endpoint which immediately calls C{startTLS} instead, but that is hard. r)rr-)r,reactorr'r'r(serverwszStartTLSClientCreator.servercCstt|d|jtS)zS Construct a TCP client endpoint wrapped to immediately start TLS. z 127.0.0.1)r0rportr )r,r> serverAddressr'r'r(clients zStartTLSClientCreator.clientN)r"r#r$r<r?rBr'r'r'r(r=rs r=c@seZdZdZddZdS)BadContextTestsMixinz Mixin for L{ReactorBuilder} subclasses which defines a helper for testing the handling of broken context factories. cCs0|j}|jt||t}|jtjt|dS)a Assert that the exception raised by a broken context factory's C{getContext} method is raised by some reactor method. If it is not, an exception will be raised to fail the test. @param useIt: A two-argument callable which will be called with a reactor and a broken context factory and which is expected to raise the same exception as the broken context factory's C{getContext} method. N) buildReactorZ assertRaises ValueErrorrZ assertEqualmessagestr)r,useItr>excr'r'r(_testBadContexts z$BadContextTestsMixin._testBadContextN)r"r#r$r<rJr'r'r'r(rCsrCc@seZdZdZeZdS)StartTLSClientTestsMixinz Tests for TLS connections established using L{ITLSTransport.startTLS} (as opposed to L{IReactorSSL.connectSSL} or L{IReactorSSL.listenSSL}). N)r"r#r$r<r= endpointsr'r'r'r(rKsrKc@s eZdZdZddZddZdS) SSLCreatorz Create SSL endpoints. cCst|d|jS)zQ Create an SSL server endpoint on a TCP/IP-stack allocated port. r)rr-)r,r>r'r'r(r?szSSLCreator.servercCst|d|jtS)z Create an SSL client endpoint which will connect localhost on the port given by C{serverAddress}. @type serverAddress: L{IPv4Address} z 127.0.0.1)rr@r )r,r>rAr'r'r(rBszSSLCreator.clientN)r"r#r$r<r?rBr'r'r'r(rMsrMc@s&eZdZdZeZddZddZdS)SSLClientTestsMixinz< Mixin defining tests relating to L{ITLSTransport}. cCsdd}|j|dS)z If the context factory passed to L{IReactorSSL.connectSSL} raises an exception from its C{getContext} method, that exception is raised by L{IReactorSSL.connectSSL}. cSs|jddt|S)Nz 127.0.0.1i)Z connectSSLr )r>r2r'r'r(rHsz2SSLClientTestsMixin.test_badContext..useItN)rJ)r,rHr'r'r(test_badContextsz#SSLClientTestsMixin.test_badContextcs Gdddt}|jt}t|_||_|j|_t}t|_||_|j |_|jj |j_ gt |j|jgdd}fdd}|j |j d|dd }|j|jj|jj|jj|}|j|j|j fd d |jdjtd jtd S)aO L{ITCPTransport.loseConnection} ends a connection which was set up with L{ITLSTransport.startTLS} and which has recently been written to. This is intended to verify that a socket send error masked by the TLS implementation doesn't prevent the connection from being reported as closed. c@s$eZdZddZddZddZdS)zQSSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..ShortProtocolcSsNtj|js.|jj}d|j_|jtddS|jj|jj|jj ddS)NzNo ITLSTransport supportx) r Z providedByr4r9finishedZerrbackrr5contextwrite)r,rQr'r'r(r7s z`SSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..ShortProtocol.connectionMadecSs|jjd|jjdS)Ny)r4rSZloseConnection)r,datar'r'r( dataReceiveds z^SSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..ShortProtocol.dataReceivedcSs&|jj}|dk r"d|j_|j|dS)N)r9rQcallback)r,reasonrQr'r'r(connectionLostsz`SSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..ShortProtocol.connectionLostN)r"r#r$r7rVrYr'r'r'r( ShortProtocols rZT)Z consumeErrorscs"j|dd|ddgdS)Nr)extend)Zresults)lostConnectionResultsr'r( cbFinishedszNSSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..cbFinishedrz 127.0.0.1)Z interfacecsjS)N)stop)Zign)r>r'r(szLSSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLS..r[N)r rDrrrQr6r-rRr r.methodrZ addCallbackZ listenTCPZ addCleanupZ stopListeningZ connectTCPgetHosthostr@Z disconnectZ runReactorZtrapr)r,rZZ serverFactoryZ clientFactoryrQr^r@Z connectorr')r]r>r(&test_disconnectAfterWriteAfterStartTLSs4!         z:SSLClientTestsMixin.test_disconnectAfterWriteAfterStartTLSN)r"r#r$r<rMrLrOrdr'r'r'r(rNs rNc@s0eZdZdZddZddZddZdd Zd S) TLSPortTestsBuilderz, Tests for L{IReactorSSL.listenSSL} cCs|jd||jS)z0 Get a TLS port from a reactor. r) listenSSLr-)r,r>r9r'r'r(getListeningPort'sz$TLSPortTestsBuilder.getListeningPortcCsd||jjfS)zY Get the message expected to be logged when a TLS port starts listening. z%s (TLS) starting on %d)rbr@)r,r@r9r'r'r(#getExpectedStartListeningLogMessage.sz7TLSPortTestsBuilder.getExpectedStartListeningLogMessagecCsd|jjfS)zJ Get the expected connection lost message for a TLS port. z(TLS Port %s Closed))rbr@)r,r@r'r'r(getExpectedConnectionLostLogMsg5sz3TLSPortTestsBuilder.getExpectedConnectionLostLogMsgcCsdd}|j|dS)z If the context factory passed to L{IReactorSSL.listenSSL} raises an exception from its C{getContext} method, that exception is raised by L{IReactorSSL.listenSSL}. cSs|jdt|S)Nr)rfr)r>r2r'r'r(rHBsz2TLSPortTestsBuilder.test_badContext..useItN)rJ)r,rHr'r'r(rO<sz#TLSPortTestsBuilder.test_badContextN)r"r#r$r<rgrhrirOr'r'r'r(re!s rec@s,eZdZdZefZeZddZddZ dS)AbortSSLConnectionTestsz- C{abortConnection} tests using SSL. cs<tj|ddlm}tfddd}|j|d|jS)Nr)_producer_helperscs jd|S)Ngh㈵>)Z callLater)x)r>r'r(r`\sz6AbortSSLConnectionTests.buildReactor..)Z scheduler cooperate)rrDZtwisted.internetrkrZpatchrm)r,rkZ cooperatorr')r>r(rDUs   z$AbortSSLConnectionTests.buildReactorcCstdkrtddS)NzOpenSSL not available.)rr)r,r'r'r(setUpaszAbortSSLConnectionTests.setUpN) r"r#r$r<r r%rMrLrDrnr'r'r'r(rjNs  rj)Cr<Z __future__rrtypeZ __metaclass__Zzope.interfacerZtwisted.python.compatrZtwisted.python.filepathrZ#twisted.internet.test.reactormixinsrZtwisted.internet.protocolrr r Ztwisted.internet.interfacesr r r Ztwisted.internet.deferrrZtwisted.internet.endpointsrrrZtwisted.internet.errorrZtwisted.internet.taskrZtwisted.trial.unittestrZtwisted.python.runtimerZtwisted.internet.test.test_corerZtwisted.internet.test.test_tcprrZ&twisted.internet.test.connectionmixinsrrrZOpenSSL.cryptor ImportErrorZtwisted.internet.sslrrr r!objectr)r0r=rCrKrMrNreglobalsupdateZmakeTestCaseClassesrjr'r'r'r(sR            % ^%