[Python-Dev] Other SSL issues in the tracker have been marked

[Bill Janssen]

Here's a patch that will turn the buildbots green, by not trying the
connected tests if the certificate can't be created.  It also shows
the created cert if run in verbose mode.

We still need a working os.system command for Windows.

Bill


Index: Lib/test/test_ssl.py
===================================================================
--- Lib/test/test_ssl.py	(revision 57534)
+++ Lib/test/test_ssl.py	(working copy)
@@ -194,7 +194,8 @@
                         self.server.stop()
                         self.running = False
                     else:
-                        #sys.stdout.write("\nserver: %s\n" % msg.strip().lower())
+                        if test_support.verbose:
+                            sys.stdout.write("\nserver: %s\n" % msg.strip().lower())
                         sslconn.write(msg.lower())
                 except ssl.sslerror:
                     sys.stdout.write("Test server failure:\n" + string.join(
@@ -243,7 +244,8 @@
         while self.active:
             try:
                 newconn, connaddr = self.sock.accept()
-                #sys.stdout.write('\nserver:  new connection from ' + str(connaddr) + '\n')
+                if test_support.verbose:
+                    sys.stdout.write('\nserver:  new connection from ' + str(connaddr) + '\n')
                 handler = self.ConnectionHandler(self, newconn)
                 handler.start()
             except socket.timeout:
@@ -322,19 +324,21 @@
         (conffile, crtfile, crtfile))
     # now we have a self-signed server cert in crtfile
     os.unlink(conffile)
-    if error or not os.path.exists(crtfile) or os.path.getsize(crtfile) == 0:
-        raise test_support.TestFailed(
-            "Unable to create certificate for test %d." % error)
-    return d, crtfile
+    if (error or
+        (not os.path.exists(crtfile)) or
+        (os.path.getsize(crtfile) == 0)):
+        if test_support.verbose:
+            sys.stdout.write("\nUnable to create certificate for test.  "
+                             "Error status %d.\n" % (error >> 8))
+        shutil.rmtree(d)
+        return None, None
+    else:
+        if test_support.verbose:
+            sys.stdout.write(open(crtfile, 'r').read() + '\n')
+        return d, crtfile
 
-    # XXX(nnorwitz): should this code be removed now?
-    #sf_certfile = os.path.join(d, "sourceforge-imap.pem")
-    #sf_cert = ssl.fetch_server_certificate('pop.gmail.com', 995)
-    #open(sf_certfile, 'w').write(sf_cert)
-    #return d, crtfile, sf_certfile
-    # sys.stderr.write(open(crtfile, 'r').read() + '\n')
 
-def test_main():
+def test_main(verbose=False):
     if skip_expected:
         raise test_support.TestSkipped("socket module has no ssl support")
 
@@ -344,13 +348,16 @@
     tests = [BasicTests]
 
     server = None
-    if test_support.is_resource_enabled('network'):
+    if CERTFILE and test_support.is_resource_enabled('network'):
         server = ThreadedEchoServer(10024, CERTFILE)
         flag = threading.Event()
         server.start(flag)
         # wait for it to start
         flag.wait()
         tests.append(ConnectedTests)
+    else:
+        if test_support.verbose:
+            sys.stdout.write("\nSkipping test_ssl ConnectedTests; couldn't create a certificate.\n")
 
     thread_info = test_support.threading_setup()
 
@@ -362,7 +369,8 @@
             # wait for it to stop
             server.join()
 
-    shutil.rmtree(tdir)
+    if tdir and os.path.isdir(tdir):
+        shutil.rmtree(tdir)
     test_support.threading_cleanup(*thread_info)
 
 if __name__ == "__main__":