[pypy-commit] pypy py3k: merge kcr's ssl fixes
pjenvey
noreply at buildbot.pypy.org
Tue Mar 19 01:13:14 CET 2013
Author: Philip Jenvey <pjenvey at underboss.org>
Branch: py3k
Changeset: r62429:08881cb00b0b
Date: 2013-03-18 17:12 -0700
http://bitbucket.org/pypy/pypy/changeset/08881cb00b0b/
Log: merge kcr's ssl fixes
diff --git a/pypy/module/_ssl/interp_ssl.py b/pypy/module/_ssl/interp_ssl.py
--- a/pypy/module/_ssl/interp_ssl.py
+++ b/pypy/module/_ssl/interp_ssl.py
@@ -8,7 +8,7 @@
from rpython.rlib.rarithmetic import intmask
from rpython.rlib import rpoll, rsocket
from rpython.rlib.ropenssl import *
-from rpython.rlib.rposix import get_errno
+from rpython.rlib.rposix import get_errno, set_errno
from pypy.module._socket import interp_socket
import weakref
@@ -185,6 +185,8 @@
else:
keyfile = space.str_w(w_keyfile)
+ set_errno(0)
+
ret = libssl_SSL_CTX_use_certificate_chain_file(self.ctx, certfile)
if ret != 1:
errno = get_errno()
@@ -222,6 +224,7 @@
if cafile is None and capath is None:
raise OperationError(space.w_TypeError, space.wrap(
"cafile and capath cannot be both omitted"))
+ set_errno(0)
ret = libssl_SSL_CTX_load_verify_locations(
self.ctx, cafile, capath)
if ret != 1:
diff --git a/pypy/module/_ssl/test/test_ssl.py b/pypy/module/_ssl/test/test_ssl.py
--- a/pypy/module/_ssl/test/test_ssl.py
+++ b/pypy/module/_ssl/test/test_ssl.py
@@ -185,13 +185,21 @@
tmpfile = udir / "cert.pem"
tmpfile.write(SSL_CERTIFICATE)
cls.w_cert = cls.space.wrap(str(tmpfile))
+ tmpfile = udir / "badcert.pem"
+ tmpfile.write(SSL_BADCERT)
+ cls.w_badcert = cls.space.wrap(str(tmpfile))
+ tmpfile = udir / "emptycert.pem"
+ tmpfile.write(SSL_EMPTYCERT)
+ cls.w_emptycert = cls.space.wrap(str(tmpfile))
def test_load_cert_chain(self):
import _ssl
ctx = _ssl._SSLContext(_ssl.PROTOCOL_TLSv1)
- raises(IOError, ctx.load_cert_chain, "inexistent.pem")
ctx.load_cert_chain(self.keycert)
ctx.load_cert_chain(self.cert, self.key)
+ raises(IOError, ctx.load_cert_chain, "inexistent.pem")
+ raises(_ssl.SSLError, ctx.load_cert_chain, self.badcert)
+ raises(_ssl.SSLError, ctx.load_cert_chain, self.emptycert)
def test_load_verify_locations(self):
import _ssl
@@ -204,6 +212,12 @@
raises(ValueError, _ssl._SSLContext, -1)
raises(ValueError, _ssl._SSLContext, 42)
+ def test_options(self):
+ import _ssl
+ ctx = _ssl._SSLContext(_ssl.PROTOCOL_TLSv1)
+ assert _ssl.OP_ALL == ctx.options
+
+
SSL_CERTIFICATE = """
-----BEGIN CERTIFICATE-----
@@ -241,3 +255,42 @@
SPIXQuT8RMPDVNQ=
-----END PRIVATE KEY-----
"""
+SSL_BADCERT = """
+-----BEGIN RSA PRIVATE KEY-----
+MIICXwIBAAKBgQC8ddrhm+LutBvjYcQlnH21PPIseJ1JVG2HMmN2CmZk2YukO+9L
+opdJhTvbGfEj0DQs1IE8M+kTUyOmuKfVrFMKwtVeCJphrAnhoz7TYOuLBSqt7lVH
+fhi/VwovESJlaBOp+WMnfhcduPEYHYx/6cnVapIkZnLt30zu2um+DzA9jQIDAQAB
+AoGBAK0FZpaKj6WnJZN0RqhhK+ggtBWwBnc0U/ozgKz2j1s3fsShYeiGtW6CK5nU
+D1dZ5wzhbGThI7LiOXDvRucc9n7vUgi0alqPQ/PFodPxAN/eEYkmXQ7W2k7zwsDA
+IUK0KUhktQbLu8qF/m8qM86ba9y9/9YkXuQbZ3COl5ahTZrhAkEA301P08RKv3KM
+oXnGU2UHTuJ1MAD2hOrPxjD4/wxA/39EWG9bZczbJyggB4RHu0I3NOSFjAm3HQm0
+ANOu5QK9owJBANgOeLfNNcF4pp+UikRFqxk5hULqRAWzVxVrWe85FlPm0VVmHbb/
+loif7mqjU8o1jTd/LM7RD9f2usZyE2psaw8CQQCNLhkpX3KO5kKJmS9N7JMZSc4j
+oog58yeYO8BBqKKzpug0LXuQultYv2K4veaIO04iL9VLe5z9S/Q1jaCHBBuXAkEA
+z8gjGoi1AOp6PBBLZNsncCvcV/0aC+1se4HxTNo2+duKSDnbq+ljqOM+E7odU+Nq
+ewvIWOG//e8fssd0mq3HywJBAJ8l/c8GVmrpFTx8r/nZ2Pyyjt3dH1widooDXYSV
+q6Gbf41Llo5sYAtmxdndTLASuHKecacTgZVhy0FryZpLKrU=
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+Just bad cert data
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXwIBAAKBgQC8ddrhm+LutBvjYcQlnH21PPIseJ1JVG2HMmN2CmZk2YukO+9L
+opdJhTvbGfEj0DQs1IE8M+kTUyOmuKfVrFMKwtVeCJphrAnhoz7TYOuLBSqt7lVH
+fhi/VwovESJlaBOp+WMnfhcduPEYHYx/6cnVapIkZnLt30zu2um+DzA9jQIDAQAB
+AoGBAK0FZpaKj6WnJZN0RqhhK+ggtBWwBnc0U/ozgKz2j1s3fsShYeiGtW6CK5nU
+D1dZ5wzhbGThI7LiOXDvRucc9n7vUgi0alqPQ/PFodPxAN/eEYkmXQ7W2k7zwsDA
+IUK0KUhktQbLu8qF/m8qM86ba9y9/9YkXuQbZ3COl5ahTZrhAkEA301P08RKv3KM
+oXnGU2UHTuJ1MAD2hOrPxjD4/wxA/39EWG9bZczbJyggB4RHu0I3NOSFjAm3HQm0
+ANOu5QK9owJBANgOeLfNNcF4pp+UikRFqxk5hULqRAWzVxVrWe85FlPm0VVmHbb/
+loif7mqjU8o1jTd/LM7RD9f2usZyE2psaw8CQQCNLhkpX3KO5kKJmS9N7JMZSc4j
+oog58yeYO8BBqKKzpug0LXuQultYv2K4veaIO04iL9VLe5z9S/Q1jaCHBBuXAkEA
+z8gjGoi1AOp6PBBLZNsncCvcV/0aC+1se4HxTNo2+duKSDnbq+ljqOM+E7odU+Nq
+ewvIWOG//e8fssd0mq3HywJBAJ8l/c8GVmrpFTx8r/nZ2Pyyjt3dH1widooDXYSV
+q6Gbf41Llo5sYAtmxdndTLASuHKecacTgZVhy0FryZpLKrU=
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+Just bad cert data
+-----END CERTIFICATE-----
+"""
+SSL_EMPTYCERT = ""
More information about the pypy-commit
mailing list