diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2020-08-03 22:47:37 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-08-03 23:47:37 -0400 |
| commit | 9a80576f9fa841d0045f90e495055f8c61d49496 (patch) | |
| tree | 7f0b14243e7ee626279dfae849a1a7b8ecbc2c67 /tests | |
| parent | 688538cc0e84b1cb168de78be509cd63bf397763 (diff) | |
| download | pyopenssl-9a80576f9fa841d0045f90e495055f8c61d49496.tar.gz | |
remove npn support entirely. you should be using alpn (#932)
* remove npn support entirely. you should be using alpn
* flake8
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/test_ssl.py | 184 |
1 files changed, 0 insertions, 184 deletions
diff --git a/tests/test_ssl.py b/tests/test_ssl.py index daaafae..8f34a4d 100644 --- a/tests/test_ssl.py +++ b/tests/test_ssl.py @@ -1764,190 +1764,6 @@ class TestServerNameCallback(object): assert args == [(server, b"foo1.example.com")] -@pytest.mark.skipif( - not _lib.Cryptography_HAS_NEXTPROTONEG, reason="NPN is not available" -) -class TestNextProtoNegotiation(object): - """ - Test for Next Protocol Negotiation in PyOpenSSL. - """ - - def test_npn_success(self): - """ - Tests that clients and servers that agree on the negotiated next - protocol can correct establish a connection, and that the agreed - protocol is reported by the connections. - """ - advertise_args = [] - select_args = [] - - def advertise(conn): - advertise_args.append((conn,)) - return [b"http/1.1", b"spdy/2"] - - def select(conn, options): - select_args.append((conn, options)) - return b"spdy/2" - - server_context = Context(SSLv23_METHOD) - server_context.set_npn_advertise_callback(advertise) - - client_context = Context(SSLv23_METHOD) - client_context.set_npn_select_callback(select) - - # Necessary to actually accept the connection - server_context.use_privatekey( - load_privatekey(FILETYPE_PEM, server_key_pem) - ) - server_context.use_certificate( - load_certificate(FILETYPE_PEM, server_cert_pem) - ) - - # Do a little connection to trigger the logic - server = Connection(server_context, None) - server.set_accept_state() - - client = Connection(client_context, None) - client.set_connect_state() - - interact_in_memory(server, client) - - assert advertise_args == [(server,)] - assert select_args == [(client, [b"http/1.1", b"spdy/2"])] - - assert server.get_next_proto_negotiated() == b"spdy/2" - assert client.get_next_proto_negotiated() == b"spdy/2" - - def test_npn_client_fail(self): - """ - Tests that when clients and servers cannot agree on what protocol - to use next that the TLS connection does not get established. - """ - advertise_args = [] - select_args = [] - - def advertise(conn): - advertise_args.append((conn,)) - return [b"http/1.1", b"spdy/2"] - - def select(conn, options): - select_args.append((conn, options)) - return b"" - - server_context = Context(SSLv23_METHOD) - server_context.set_npn_advertise_callback(advertise) - - client_context = Context(SSLv23_METHOD) - client_context.set_npn_select_callback(select) - - # Necessary to actually accept the connection - server_context.use_privatekey( - load_privatekey(FILETYPE_PEM, server_key_pem) - ) - server_context.use_certificate( - load_certificate(FILETYPE_PEM, server_cert_pem) - ) - - # Do a little connection to trigger the logic - server = Connection(server_context, None) - server.set_accept_state() - - client = Connection(client_context, None) - client.set_connect_state() - - # If the client doesn't return anything, the connection will fail. - with pytest.raises(Error): - interact_in_memory(server, client) - - assert advertise_args == [(server,)] - assert select_args == [(client, [b"http/1.1", b"spdy/2"])] - - def test_npn_select_error(self): - """ - Test that we can handle exceptions in the select callback. If - select fails it should be fatal to the connection. - """ - advertise_args = [] - - def advertise(conn): - advertise_args.append((conn,)) - return [b"http/1.1", b"spdy/2"] - - def select(conn, options): - raise TypeError - - server_context = Context(SSLv23_METHOD) - server_context.set_npn_advertise_callback(advertise) - - client_context = Context(SSLv23_METHOD) - client_context.set_npn_select_callback(select) - - # Necessary to actually accept the connection - server_context.use_privatekey( - load_privatekey(FILETYPE_PEM, server_key_pem) - ) - server_context.use_certificate( - load_certificate(FILETYPE_PEM, server_cert_pem) - ) - - # Do a little connection to trigger the logic - server = Connection(server_context, None) - server.set_accept_state() - - client = Connection(client_context, None) - client.set_connect_state() - - # If the callback throws an exception it should be raised here. - with pytest.raises(TypeError): - interact_in_memory(server, client) - assert advertise_args == [ - (server,), - ] - - def test_npn_advertise_error(self): - """ - Test that we can handle exceptions in the advertise callback. If - advertise fails no NPN is advertised to the client. - """ - select_args = [] - - def advertise(conn): - raise TypeError - - def select(conn, options): # pragma: nocover - """ - Assert later that no args are actually appended. - """ - select_args.append((conn, options)) - return b"" - - server_context = Context(SSLv23_METHOD) - server_context.set_npn_advertise_callback(advertise) - - client_context = Context(SSLv23_METHOD) - client_context.set_npn_select_callback(select) - - # Necessary to actually accept the connection - server_context.use_privatekey( - load_privatekey(FILETYPE_PEM, server_key_pem) - ) - server_context.use_certificate( - load_certificate(FILETYPE_PEM, server_cert_pem) - ) - - # Do a little connection to trigger the logic - server = Connection(server_context, None) - server.set_accept_state() - - client = Connection(client_context, None) - client.set_connect_state() - - # If the client doesn't return anything, the connection will fail. - with pytest.raises(TypeError): - interact_in_memory(server, client) - assert select_args == [] - - class TestApplicationLayerProtoNegotiation(object): """ Tests for ALPN in PyOpenSSL. |