diff options
author | Maximilian Hils <git@maximilianhils.com> | 2022-05-13 05:53:44 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-05-13 11:53:44 +0800 |
commit | b31622b369618746e54242ebfcc305154bf0ef59 (patch) | |
tree | 282921166cdadf03476a6c12d960dd92bb42751e /tests | |
parent | 3e4d61ab10a74510dd14b232d46d5eed87eddd09 (diff) | |
download | pyopenssl-b31622b369618746e54242ebfcc305154bf0ef59.tar.gz |
add `Connection.set_verify`, fix #255 (#1073)
* add `Connection.set_verify`, fix #255
* show that it works with cryptography main
* Revert "show that it works with cryptography main"
This reverts commit fb0136a8e5aa5d2c6e0c16f8f4ecee2f3c72a16b.
* make it black
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_ssl.py | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/tests/test_ssl.py b/tests/test_ssl.py index 56748fa..5e69ace 100644 --- a/tests/test_ssl.py +++ b/tests/test_ssl.py @@ -2630,6 +2630,52 @@ class TestConnection: server = Connection(ctx, None) assert None is server.get_verified_chain() + def test_set_verify_overrides_context(self): + context = Context(SSLv23_METHOD) + context.set_verify(VERIFY_PEER) + conn = Connection(context, None) + conn.set_verify(VERIFY_NONE) + + assert context.get_verify_mode() == VERIFY_PEER + assert conn.get_verify_mode() == VERIFY_NONE + + with pytest.raises(TypeError): + conn.set_verify(None) + + with pytest.raises(TypeError): + conn.set_verify(VERIFY_PEER, "not a callable") + + def test_set_verify_callback_reference(self): + """ + The callback for certificate verification should only be forgotten if + the context and all connections created by it do not use it anymore. + """ + + def callback(conn, cert, errnum, depth, ok): # pragma: no cover + return ok + + tracker = ref(callback) + + context = Context(SSLv23_METHOD) + context.set_verify(VERIFY_PEER, callback) + del callback + + conn = Connection(context, None) + context.set_verify(VERIFY_NONE) + + collect() + collect() + assert tracker() + + conn.set_verify(VERIFY_PEER, lambda conn, cert, errnum, depth, ok: ok) + collect() + collect() + callback = tracker() + if callback is not None: # pragma: nocover + referrers = get_referrers(callback) + if len(referrers) > 1: + pytest.fail("Some references remain: %r" % (referrers,)) + def test_get_session_unconnected(self): """ `Connection.get_session` returns `None` when used with an object |