Ticket #6286: move-_parseSSL-to-CertificateOptions-6286-v2.patch

File move-_parseSSL-to-CertificateOptions-6286-v2.patch, 6.4 KB (added by Hynek Schlawack, 7 years ago)

Same as before, using SSLv23 as default method.

  • twisted/internet/endpoints.py

    # Bazaar merge directive format 2 (Bazaar 0.90)
    # revision_id: hs@ox.cx-20130302174936-1fv7lhb1ao8ruows
    # target_branch: file:///Users/hynek/Projects/Twisted/trunk/
    # testament_sha1: 0c513a4a69c4d230efdefd5315c9340fe4c13d90
    # timestamp: 2013-03-02 18:50:36 +0100
    # base_revision_id: svn-v4:bbbe8e31-12d6-0310-92fd-\
    #   ac37d47ddeeb:trunk:37359
    # 
    # Begin patch
    === modified file 'twisted/internet/endpoints.py'
     
    764764        certKey = privateKey
    765765    kw = {}
    766766    if sslmethod is not None:
    767         kw['sslmethod'] = getattr(ssl.SSL, sslmethod)
    768     cf = ssl.DefaultOpenSSLContextFactory(privateKey, certKey, **kw)
     767        kw['method'] = getattr(ssl.SSL, sslmethod)
     768    else:
     769        kw['method'] = ssl.SSL.SSLv23_METHOD
     770    certPEM = FilePath(certKey).getContent()
     771    keyPEM = FilePath(privateKey).getContent()
     772    cf = ssl.CertificateOptions(
     773        privateKey=ssl.PrivateCertificate.loadPEM(
     774            keyPEM + certPEM).privateKey.original,
     775        certificate=ssl.Certificate.loadPEM(certPEM).original, **kw)
    769776    return ((int(port), factory, cf),
    770777            {'interface': interface, 'backlog': int(backlog)})
    771778
  • twisted/internet/test/test_endpoints.py

    === modified file 'twisted/internet/test/test_endpoints.py'
     
    4747    from twisted.test.test_sslverify import makeCertificate
    4848    from twisted.internet.ssl import CertificateOptions, Certificate, \
    4949        KeyPair, PrivateCertificate
    50     from OpenSSL.SSL import ContextType
     50    from OpenSSL.SSL import ContextType, SSLv23_METHOD, TLSv1_METHOD
    5151    testCertificate = Certificate.loadPEM(pemPath.getContent())
    5252    testPrivateCertificate = PrivateCertificate.loadPEM(pemPath.getContent())
    5353
     
    13941394        server = endpoints.serverFromString(
    13951395            reactor,
    13961396            "ssl:1234:backlog=12:privateKey=%s:"
    1397             "certKey=%s:interface=10.0.0.1" % (escapedPEMPathName,
    1398                                               escapedPEMPathName))
     1397            "certKey=%s:sslmethod=TLSv1_METHOD:interface=10.0.0.1"
     1398            % (escapedPEMPathName, escapedPEMPathName))
    13991399        self.assertIsInstance(server, endpoints.SSL4ServerEndpoint)
    14001400        self.assertIdentical(server._reactor, reactor)
    14011401        self.assertEqual(server._port, 1234)
    14021402        self.assertEqual(server._backlog, 12)
    14031403        self.assertEqual(server._interface, "10.0.0.1")
     1404        self.assertEqual(server._sslContextFactory.method, TLSv1_METHOD)
     1405        ctx = server._sslContextFactory.getContext()
     1406        self.assertIsInstance(ctx, ContextType)
     1407
     1408
     1409    def test_sslWithDefaults(self):
     1410        """
     1411        An SSL strport description with minimal arguments returns a properly
     1412        initialized L{SSL4ServerEndpoint} instance.
     1413        """
     1414        reactor = object()
     1415        server = endpoints.serverFromString(
     1416            reactor, "ssl:4321:privateKey=%s" % (escapedPEMPathName,))
     1417        self.assertIsInstance(server, endpoints.SSL4ServerEndpoint)
     1418        self.assertIdentical(server._reactor, reactor)
     1419        self.assertEqual(server._port, 4321)
     1420        self.assertEqual(server._backlog, 50)
     1421        self.assertEqual(server._interface, "")
     1422        self.assertEqual(server._sslContextFactory.method, SSLv23_METHOD)
    14041423        ctx = server._sslContextFactory.getContext()
    14051424        self.assertIsInstance(ctx, ContextType)
    14061425
    14071426    if skipSSL:
    1408         test_ssl.skip = skipSSL
     1427        test_ssl.skip = test_sslWithDefaults = skipSSL
    14091428
    14101429
    14111430    def test_unix(self):