diff options
| author | Jenkins <jenkins@review.openstack.org> | 2015-05-22 21:32:39 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2015-05-22 21:32:39 +0000 |
| commit | ab7b6871c2e1551f3afcdeb8c9fd2a1b0d960979 (patch) | |
| tree | 26812b695e78b5ebbf4ceecd6d161bb2a0acb24b | |
| parent | 905e14800269f05256695a5a19e845e45a685af9 (diff) | |
| parent | 91255f1edd39804847ce80c65fcbf73e126853f3 (diff) | |
| download | keystone-ab7b6871c2e1551f3afcdeb8c9fd2a1b0d960979.tar.gz | |
Merge "Deal with PEP-0476 certificate chaining checking" into stable/icehouse
| -rw-r--r-- | keystone/tests/test_ssl.py | 37 |
1 files changed, 27 insertions, 10 deletions
diff --git a/keystone/tests/test_ssl.py b/keystone/tests/test_ssl.py index ecfdf3b8f..8c142ac34 100644 --- a/keystone/tests/test_ssl.py +++ b/keystone/tests/test_ssl.py @@ -35,8 +35,25 @@ CLIENT = os.path.join(CERTDIR, 'middleware.pem') class SSLTestCase(tests.TestCase): def setUp(self): super(SSLTestCase, self).setUp() + # NOTE(jamespage): + # Deal with more secure certificate chain verification + # introduced in python 2.7.9 under PEP-0476 + # https://github.com/python/peps/blob/master/pep-0476.txt + self.context = None + if hasattr(ssl, '_create_unverified_context'): + self.context = ssl._create_unverified_context() self.load_backends() + def get_HTTPSConnection(self, *args): + """Simple helper to configure HTTPSConnection objects.""" + if self.context: + return environment.httplib.HTTPSConnection( + *args, + context=self.context + ) + else: + return environment.httplib.HTTPSConnection(*args) + def test_1way_ssl_ok(self): """Make sure both public and admin API work with 1-way SSL.""" paste_conf = self._paste_config('keystone') @@ -44,7 +61,7 @@ class SSLTestCase(tests.TestCase): # Verify Admin with appserver.AppServer(paste_conf, appserver.ADMIN, **ssl_kwargs): - conn = environment.httplib.HTTPSConnection( + conn = self.get_HTTPSConnection( '127.0.0.1', CONF.admin_port) conn.request('GET', '/') resp = conn.getresponse() @@ -52,7 +69,7 @@ class SSLTestCase(tests.TestCase): # Verify Public with appserver.AppServer(paste_conf, appserver.MAIN, **ssl_kwargs): - conn = environment.httplib.HTTPSConnection( + conn = self.get_HTTPSConnection( '127.0.0.1', CONF.public_port) conn.request('GET', '/') resp = conn.getresponse() @@ -68,7 +85,7 @@ class SSLTestCase(tests.TestCase): # Verify Admin with appserver.AppServer(paste_conf, appserver.ADMIN, **ssl_kwargs): - conn = environment.httplib.HTTPSConnection( + conn = self.get_HTTPSConnection( '127.0.0.1', CONF.admin_port, CLIENT, CLIENT) conn.request('GET', '/') resp = conn.getresponse() @@ -76,7 +93,7 @@ class SSLTestCase(tests.TestCase): # Verify Public with appserver.AppServer(paste_conf, appserver.MAIN, **ssl_kwargs): - conn = environment.httplib.HTTPSConnection( + conn = self.get_HTTPSConnection( '127.0.0.1', CONF.public_port, CLIENT, CLIENT) conn.request('GET', '/') resp = conn.getresponse() @@ -91,14 +108,14 @@ class SSLTestCase(tests.TestCase): # Verify Admin with appserver.AppServer(paste_conf, appserver.ADMIN, **ssl_kwargs): - conn = environment.httplib.HTTPSConnection('::1', CONF.admin_port) + conn = self.get_HTTPSConnection('::1', CONF.admin_port) conn.request('GET', '/') resp = conn.getresponse() self.assertEqual(300, resp.status) # Verify Public with appserver.AppServer(paste_conf, appserver.MAIN, **ssl_kwargs): - conn = environment.httplib.HTTPSConnection('::1', CONF.public_port) + conn = self.get_HTTPSConnection('::1', CONF.public_port) conn.request('GET', '/') resp = conn.getresponse() self.assertEqual(300, resp.status) @@ -116,7 +133,7 @@ class SSLTestCase(tests.TestCase): # Verify Admin with appserver.AppServer(paste_conf, appserver.ADMIN, **ssl_kwargs): - conn = environment.httplib.HTTPSConnection( + conn = self.get_HTTPSConnection( '::1', CONF.admin_port, CLIENT, CLIENT) conn.request('GET', '/') resp = conn.getresponse() @@ -124,7 +141,7 @@ class SSLTestCase(tests.TestCase): # Verify Public with appserver.AppServer(paste_conf, appserver.MAIN, **ssl_kwargs): - conn = environment.httplib.HTTPSConnection( + conn = self.get_HTTPSConnection( '::1', CONF.public_port, CLIENT, CLIENT) conn.request('GET', '/') resp = conn.getresponse() @@ -137,7 +154,7 @@ class SSLTestCase(tests.TestCase): # Verify Admin with appserver.AppServer(paste_conf, appserver.ADMIN, **ssl_kwargs): - conn = environment.httplib.HTTPSConnection( + conn = self.get_HTTPSConnection( '127.0.0.1', CONF.admin_port) try: conn.request('GET', '/') @@ -147,7 +164,7 @@ class SSLTestCase(tests.TestCase): # Verify Public with appserver.AppServer(paste_conf, appserver.MAIN, **ssl_kwargs): - conn = environment.httplib.HTTPSConnection( + conn = self.get_HTTPSConnection( '127.0.0.1', CONF.public_port) try: conn.request('GET', '/') |