o HXîh2fã @sŽddlZddlZddlZddlmZddlmZddlmZddlmZddlm Z ddlm Z ddl Z ddl Z ddl Z ddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZzddlZWn e y‰dZYnwddl!Z!e! "¡e! #de$¡ddl%Z%Wdƒn1s§wYe &d ¡Z'ddl(Z(dd l'm)Z)m*Z*m+Z+m,Z,e-ed ƒZ.e.oÌejd kZ/e0e'j1ƒZ2ej3Z3e'j4d kZ5e 6d¡Z7iZ8dD]\Z9Z:z e;e'e9ƒZ9e;e'j)e:ƒZ:Wn ee ?e>¡Z@e=dƒZAe=dƒZBe ?eA¡ZCe ?eB¡ZDe=dƒZEe=dƒZFdZGe=dƒZHe ?eH¡ZIe=ddƒZJe=ddƒZKddddddd d!œZLe=d"ƒZMe=d#ƒZNd$ZOd%d&d'd(d)d*d+ddd d,œ ZPe=d-ƒZQd.ZRe=d/ƒZSd0ZTe=dd1ƒZUe=d2ƒZVe=d3ƒZWe=d4ƒZXd$ZYd5ZZe=d6ƒZ[e=d7ƒZ\e=d8ƒZ]e=d9ƒZ^e=d:ƒZ_e=d;ƒZ`e=d<ƒZae=d=ƒZbe ?eb¡Zce;e'd>dƒZde;e'd?dƒZee;e'd@dƒZfe;e'dAdƒZge;e'dBdƒZhdCdD„ZieiƒrÑdEdF„ZjndGdF„ZjdHdI„ZkejldJdK„ƒZmdLdM„ZndNdO„ZodPdQ„Zpe jqe$dRZre'jsdddddSœdTdU„ZteNfdVdWœdXdY„ZuGdZd[„d[ejvƒZwGd\d]„d]ejvƒZxGd^d_„d_ejvƒZyGd`da„daejvƒZzGdbdc„dcejvƒZ{Gddde„deejvƒZ|e }df¡Gdgdh„dhejvƒƒZ~d‰didj„Zdkdl„Z€ddmlm‚Z‚Gdndo„doejƒƒZ„Gdpdq„dqejƒƒZ… r  dŠdtdu„Z† d‹dvdw„Z‡Gdxdy„dyejvƒZˆe ‰emdzƒd{¡Gd|d}„d}ejvƒƒZŠe-e'j‹d~ƒZŒe ‰eŒd¡ZGd€d„dejvƒZŽd‚dƒ„ZGd„d…„d…ejvƒZd†d‡„Z‘e’dˆkrÅe “¡dSdS)ŒéN)Úsupport)Ú import_helper)Ú os_helper)Ú socket_helper)Úthreading_helper)Úwarnings_helperÚignoreÚssl)Ú TLSVersionÚ_TLSContentTypeÚ_TLSMessageTypeÚ _TLSAlertTypeÚgettotalrefcountÚwin32)érrÚPY_SSL_DEFAULT_CIPHERS))ÚPROTOCOL_SSLv23ÚSSLv3)ÚPROTOCOL_TLSv1ÚTLSv1)ÚPROTOCOL_TLSv1_1ÚTLSv1_1cGstjjtj t¡g|¢RŽS©N)ÚosÚpathÚjoinÚdirnameÚ__file__©Úname©r ú7/opt/python-3.10.19/usr/lib/python3.10/test/test_ssl.pyÚ data_fileBór"z keycert.pemz ssl_cert.pemz ssl_key.pemzkeycert.passwd.pemzssl_key.passwd.pemZsomepassÚcapathz 4e1295a3.0z 5ed36f99.0)©)Ú countryNameZXY©)Ú localityNamezCastle Anthrax©)ÚorganizationNamezPython Software Foundation))Ú commonNameÚ localhostzAug 26 14:23:15 2028 GMTzAug 29 14:23:15 2018 GMTZ98A7CF88C74A32ED))ÚDNSr,r©ÚissuerÚnotAfterÚ notBeforeÚ serialNumberÚsubjectÚsubjectAltNameÚversionzrevocation.crlz keycert3.pemr,)z)http://testca.pythontest.net/testca/ocsp/)z0http://testca.pythontest.net/testca/pycacert.cer)z2http://testca.pythontest.net/testca/revocation.crl)r%))r*úPython Software Foundation CA))r+z our-ca-serverzOct 28 14:23:16 2037 GMTzAug 29 14:23:16 2018 GMTZCB2D80995A69525C) ÚOCSPÚ caIssuersÚcrlDistributionPointsr/r0r1r2r3r4r5z keycert4.pemÚ fakehostnamezkeycertecc.pemz localhost-eccz ceff1710.0z allsans.pemz idnsans.pemz nosan.pemzself-signed.pythontest.netú nullcert.pemú badcert.pemzXXXnonexisting.pemú badkey.pemz nokia.pemznullbytecert.pemztalos-2019-0758.pemz ffdh3072.pemÚOP_NO_COMPRESSIONÚOP_SINGLE_DH_USEÚOP_SINGLE_ECDH_USEÚOP_CIPHER_SERVER_PREFERENCEÚOP_ENABLE_MIDDLEBOX_COMPATcCsVz tddd}d| ¡vWdƒWS1swYWdSty*YdSw)Nz/etc/os-releasezutf-8)ÚencodingZubuntuF)ÚopenÚreadÚFileNotFoundError)Úfr r r!Ú is_ubuntu¤s (ÿ ÿrHcGs0|D]}t|dƒr|jtjjkr| d¡qdS)z@"Lower security level to '1' and allow all ciphers for TLS 1.0/1Úminimum_versionz@SECLEVEL=1:ALLN)ÚhasattrrIr r rÚ set_ciphers)ÚctxsÚctxr r r!Úseclevel_workaround®sÿ €ûrNcGódSrr )rLr r r!rN·ócCsTt|tƒrtt|dƒ}|durdS|tjtjtjhvrdS|j}t|t dƒd…ƒS)z€Check if a TLS protocol is available and enabled :param protocol: enum ssl._SSLMethod member or name :return: bool NFTZ PROTOCOL_) Ú isinstanceÚstrÚgetattrr Ú PROTOCOL_TLSÚPROTOCOL_TLS_SERVERÚPROTOCOL_TLS_CLIENTrÚhas_tls_versionÚlen)Úprotocolrr r r!Úhas_tls_protocol»s  þrZcCs¨|dkrdSt|tƒrtjj|}ttd|j›ƒsdStr&|tjjkr&dSt  tj ¡}t |dƒr?|j tjj kr?||j kr?dSt |dƒrR|jtjjkrR||jkrRdSdS)z{Check if a TLS/SSL version is enabled :param version: TLS version name or ssl.TLSVersion member :return: bool ÚSSLv2FZHAS_rIÚmaximum_versionT)rQrRr r Ú __members__rSrÚIS_OPENSSL_3_0_0ÚTLSv1_2Ú SSLContextrVrJrIÚMINIMUM_SUPPORTEDr\ÚMAXIMUM_SUPPORTED)r5rMr r r!rWÐs(   ÿ ÿ rWcs‡fdd„}|S)z•Decorator to skip tests when a required TLS version is not available :param version: TLS version name or ssl.TLSVersion member :return: cst ˆ¡‡‡fdd„ƒ}|S)Ncs&tˆƒs t ˆ›d¡‚ˆ|i|¤ŽS)Nz is not available.)rWÚunittestZSkipTest)ÚargsÚkw)Úfuncr5r r!Úwrappersz8requires_tls_version..decorator..wrapper)Ú functoolsÚwraps)rfrg©r5)rfr!Ú decoratorÿsz'requires_tls_version..decoratorr )r5rkr rjr!Úrequires_tls_versionùs rlcCs2d tjt ¡Ž¡}tjrtj ||¡dSdS)Nú ) rÚ tracebackÚformat_exceptionÚsysÚexc_inforÚverboseÚstdoutÚwrite)ÚprefixZ exc_formatr r r!Ú handle_error sÿrvcCs$tjrt ¡jdkrtj Stj S©Nr)ÚtimeÚdaylightÚ localtimeÚtm_isdstÚaltzoneÚtimezoner r r r!Ú utc_offsetsr~)Úcategory)Ú cert_reqsÚca_certsÚciphersÚcertfileÚkeyfilecKsœ| d¡st|d<t tj¡}nt tj¡}|dur%|tjkr"d|_||_|dur.|  |¡|dus6|dur<|  ||¡|durE|  |¡|j |fi|¤ŽS)NÚ server_sideÚserver_hostnameF) ÚgetÚSIGNED_CERTFILE_HOSTNAMEr r`rVrUÚ CERT_NONEÚcheck_hostnameÚ verify_modeÚload_verify_locationsÚload_cert_chainrKÚ wrap_socket)Úsockr€rr‚rƒr„ÚkwargsÚcontextr r r!Útest_wrap_sockets      r’T©Ú server_chaincCsv|tkrt}n|tkrt}n |tkrt}nt|ƒ‚t tj ¡}|  t ¡t tj ¡}|  |¡|r6|  t ¡|||fS)zUCreate context client_context, server_context, hostname = testing_context() )ÚSIGNED_CERTFILErˆÚSIGNED_CERTFILE2ÚSIGNED_CERTFILE2_HOSTNAMEÚ NOSANFILEÚNOSAN_HOSTNAMEÚ ValueErrorr r`rVrŒÚ SIGNING_CArUr)Z server_certr”ÚhostnameÚclient_contextÚserver_contextr r r!Útesting_context2s      rŸc@sšeZdZdd„Zdd„Zdd„Zdd„Zd d „Zd d „Zd d„Z dd„Z dd„Z dd„Z dd„Z ejdd„ƒZdd„Zdd„Zdd„Zedd „ƒZd!d"„Zd#d$„Zd%d&„Zd'd(„Zed)d*„ƒZd+d,„Zd-d.„Ze d/ej vd0¡d1d2„ƒZ!d3d4„Z"d5d6„Z#e e$j%d7kd8¡d9d:„ƒZ&e e$j%d7kd8¡d;d<„ƒZ'd=d>„Z(d?d@„Z)dAdB„Z*dCdD„Z+dEdF„Z,e e-ƒdG¡dHdI„ƒZ.dJdK„Z/e 0dLdM¡dNdO„ƒZ1dPdQ„Z2dRdS„Z3dTS)UÚBasicSocketTestscCsštjtjtjtjtjtjtj| tj d¡| tj d¡| tj d¡| tj d¡tj tjtjtjtjtj| tjtj¡dS)NT)r r‰Ú CERT_OPTIONALÚ CERT_REQUIREDrAr?r@r>Ú assertEqualÚHAS_SNIÚHAS_ECDHZ HAS_TLSv1_2Z HAS_TLSv1_3Ú OP_NO_SSLv2Ú OP_NO_SSLv3Ú OP_NO_TLSv1Ú OP_NO_TLSv1_3Ú OP_NO_TLSv1_1Ú OP_NO_TLSv1_2rTr©Úselfr r r!Útest_constantsMs$zBasicSocketTests.test_constantsc Cs–tjtjtjtjtjtjg}|D]1}|j|d!| t d¡ d|_ Wdƒn1s-wYWdƒn1sr4) r r°rÌÚ NULLBYTECERTrrrrprsrtrÑrÒr£Z_OPENSSL_API_VERSION)r­rÔr3Zsanr r r!Útest_parse_cert_CVE_2013_4238És  z.BasicSocketTests.test_parse_cert_CVE_2013_4238cCs tj t¡}| |dd¡dS)Nr4) )r-Zallsans©Ú othernameú rë)räzuser@example.org)r-zwww.example.org)ZDirName)r%r'r)))r+zdirname example)ræzhttps://www.python.org/©rèú 127.0.0.1)rèz0:0:0:0:0:0:0:1)z Registered IDz 1.2.3.4.5)r r°rÌÚ ALLSANFILEr£rÓr r r!Útest_parse_all_sansæs  ÿz$BasicSocketTests.test_parse_all_sanscCs¤ttdƒ }| ¡}Wdƒn1swYt |¡}t |¡}t |¡}| ||¡| tjd¡s=|  d|¡|  dtj d¡sP|  d|¡dSdS)NÚrrËz-DER-to-PEM didn't include correct header: %r z-DER-to-PEM didn't include correct footer: %r ) rDÚ CAFILE_CACERTrEr ÚPEM_cert_to_DER_certZDER_cert_to_PEM_certr£Ú startswithZ PEM_HEADERÚfailÚendswithZ PEM_FOOTER)r­rGÚpemÚd1Zp2Úd2r r r!Útest_DER_to_PEMûs  ÿ    ÿz BasicSocketTests.test_DER_to_PEMc CsFtj}tj}tj}| |t¡| |t¡| |t¡| |d¡|  |d¡|\}}}}}| |d¡|  |d¡| |d¡|  |d¡| |d¡|  |d¡| |d¡|  |d¡| |d¡|  |d¡d |d ›} |d krƒd |d ›d |d ›d |d ›} nd |d ›d |d ›d |d ›} |  |  | | f¡||t |ƒf¡dS)Nii@rÃéréé?éz LibreSSL ÚdrzOpenSSL Ú.)r ZOPENSSL_VERSION_NUMBERÚOPENSSL_VERSION_INFOÚOPENSSL_VERSIONÚassertIsInstanceÚintÚtuplerRÚassertGreaterEqualÚ assertLessZassertLessEqualÚ assertTruerõÚhex) r­ÚnÚtr¼ÚmajorÚminorZfixÚpatchÚstatusZ libressl_verZ openssl_verr r r!Útest_openssl_versions6                  þz%BasicSocketTests.test_openssl_versioncCs`t tj¡}t|ƒ}t |¡}t dtf¡ ~Wdƒn1s"wY| |ƒd¡dS)NÚ) r¹ÚAF_INETr’ÚweakrefÚrefrrÅÚResourceWarningr£)r­r¼ÚssÚwrr r r!Ú test_refcycle*s  ÿzBasicSocketTests.test_refcyclec Csòt tj¡}t|ƒe}| t|jd¡| t|jtdƒ¡| t|jd¡| t|j tdƒd¡| t|j d¡| t|j dd¡| t |j ¡| t |jdgddd¡| t |jd¡| t |jtdƒg¡WdƒdS1srwYdS)NrÃóx)z0.0.0.0rr réd)r¹rr’rÆÚOSErrorÚrecvÚ recv_intorÇÚrecvfromÚ recvfrom_intoÚsendÚsendtoÚNotImplementedErrorÚdupÚsendmsgÚrecvmsgÚ recvmsg_into©r­r¼rr r r!Útest_wrapped_unconnected5s"    ÿ ÿ"õz)BasicSocketTests.test_wrapped_unconnectedc Cs\dD])}t tj¡}| |¡t|ƒ}| || ¡¡Wdƒn1s&wYqdS)N)Ngç@)r¹rÚ settimeoutr’r£Ú gettimeout)r­Útimeoutr¼rr r r!Ú test_timeoutGs   ÿ€ýzBasicSocketTests.test_timeoutc Csôtjtjtjtjg}tjtjtjtjg}tj j tj j tj j g}|D]C}|j |d3t tj¡}| t¡}|j|O_Wdƒn1sGwY| dt|jƒ¡Wdƒn1s_wYq!|D]E}t|ƒsnqg|j |d0| t¡ }t |¡Wdƒn1sŠwY| d|j›dt|jƒ¡Wdƒn1s§wYqg|D]H}t|ƒs¶q¯|j |d3t tj¡}| t¡ }||_Wdƒn1sÖwY| d|›dt|jƒ¡Wdƒn1sòwYq¯dS)N)Úoptionz4ssl.OP_NO_SSL*/ssl.OP_NO_TLS* options are deprecated)rYzssl.z is deprecatedrj)r r¨rªr«r©rrÚPROTOCOL_TLSv1_2rTr rrrr³r`rVÚ assertWarnsÚDeprecationWarningÚoptionsr£rRÚwarningrZrrWrI) r­r3Ú protocolsZversionsr/rMÚcmrYr5r r r!Útest_openssl111_deprecationsPslüüý  ÿþü€   ÿ þý€  ÿ þü€ýz-BasicSocketTests.test_openssl111_deprecationsc Csðt ¡}|jtdtj|td|jtdtj|dd|jtdtj|dddtj|dtd}| td|jtd f¡Wdƒn1sDwY| t ¡#}t ¡}tj|t d Wdƒn1sewYWdƒn1stwY|  |j j t j¡| t ¡$}t ¡}tj|tt d Wdƒn1sŸwYWdƒn1s®wY|  |j j t j¡| t ¡$}t ¡}tj|t t d Wdƒn1sÙwYWdƒn1sèwY|  |j j t j¡dS) Nzcertfile must be specified©r„z5certfile must be specified for server-side operationsT©r…r©r…rƒz!can't connect in server-side modei©rƒ©rƒr„)r¹r´ršr rŽrÍÚconnectÚHOSTrÆrÚNONEXISTINGCERTr£Ú exceptionÚerrnoÚENOENT)r­rr¼r6r r r!Útest_errors_sslwrap„sVþþ þ ÿÿ  ÿ€ÿ  ÿÿ€ÿ  ÿÿ€ÿz$BasicSocketTests.test_errors_sslwrapcCsntj tj t¡p tj|¡}t ¡}| |j¡|  t j ¡t ||dWdƒdS1s0wYdS)z;Check that trying to use the given client certificate failsr;N) rrrrrÚcurdirr¹Ú addCleanupÚcloserÆr r²r’©r­rƒrr r r!Ú bad_cert_test¢sÿ ÿ"ÿzBasicSocketTests.bad_cert_testcCó| d¡dS)z Wrapping with an empty cert filer;N©rHr¬r r r!Útest_empty_cert¬óz BasicSocketTests.test_empty_certcCrI)z:Wrapping with a badly formatted certificate (syntax error)r<NrJr¬r r r!Útest_malformed_cert°rLz$BasicSocketTests.test_malformed_certcCrI)z2Wrapping with a badly formatted key (syntax error)r=NrJr¬r r r!Útest_malformed_key´rLz#BasicSocketTests.test_malformed_keyc sJdd„}‡fdd„}ddi}||dƒ||dƒ||d ƒ||d ƒ||d ƒ||d ƒdd i}||dƒ||dƒ||dƒ||dƒ||dƒddi}||dƒ||dƒ||dƒ||dƒ||dƒddi}||dƒ||d ƒ||dƒddi}||dƒ||dƒ||dƒ||dƒddi}||dƒ||dƒ||dƒd d ¡ d!¡}dd"|fffi}|||ƒdd#i}|||ƒdd$i}|||ƒd% d ¡ d!¡}dd"|fffi}||d& d ¡ d!¡ƒ||d' d ¡ d!¡ƒ||d( d ¡ d!¡ƒ||d) d ¡ d!¡ƒd*d+d,d-œ}||d.ƒ||d/ƒ||d0ƒ||d1ƒd2d3d4œ}||d5ƒ||d6ƒ||d7ƒdd8d9œ}||d:ƒ||d;ƒ||d<ƒ||d=ƒ||d>ƒ||d?ƒ||d@ƒtjr„ddAd9œ}||dBƒ||dCƒ||dDƒ||dEƒ||dFƒ||d@ƒd2dGd4œ}||d5ƒdHdIdJd-œ}||d5ƒdHdGdJd-œ}||dKƒˆ ttjdd¡ˆ ttjid¡ddLi}ˆ tj dM¡t |dN¡Wdƒn 1sÓwYddOi}ˆ tj dP¡t |dQ¡Wdƒn 1sõwYddRi}ˆ tj dS¡t |dT¡Wdƒn 1swYddUi}ˆ tj dV¡t |dW¡Wdƒn 1s9wYddXi}ˆ tj dY¡t |dZ¡Wdƒn 1s[wYd[D]}ˆ t¡ t  |¡Wdƒn 1szwYqbd\D] }ˆ  t  |¡¡qƒtjr¡d]D] }ˆ  t  |¡¡q•dSdS)^NcSst ||¡dSr)r Úmatch_hostname©Úcertrœr r r!Úokºsz0BasicSocketTests.test_match_hostname..okcsˆ tjtj||¡dSr)rÆr ÚCertificateErrorrOrPr¬r r!rö¼sÿz2BasicSocketTests.test_match_hostname..failr3)))r+ú example.comrTz ExAmple.cOmzwww.example.comz .example.comz example.orgZ exampleXcom)))r+z*.a.comz foo.a.comz bar.foo.a.comza.comzXa.comz.a.com)))r+zf*.comzfoo.comzf.comzbar.comz bar.foo.com)rÝrÞznull.python.org)))r+z *.*.a.com)))r+za.*.comz a.foo.comza..comupüthon.python.orgÚidnaÚasciir+)))r+z x*.python.org)))r+zxn--p*.python.orguwww*.pythön.orguwww.pythön.orguwww1.pythön.orguftp.pythön.orgu pythön.orgzJun 26 21:41:46 2011 GMT)))r+ú linuxfrz.org))r-ú linuxfr.org)r-ú linuxfr.comrë)r0r3r4rXrYrírWzDec 18 23:59:59 2011 GMT)rÚ©)rÛÚ California©)r(z Mountain View©)r*z Google Inc©)r+úmail.google.com)r0r3r_z gmail.comr[)©r-rT)rèú 10.11.12.13)rèú 14.15.16.17rî)r3r4rarbz127.1z 14.15.16.17 z14.15.16.17 extra dataz 14.15.16.18z example.net)r`)rèz2001:0:0:0:0:0:0:CAFE )rèz2003:0:0:0:0:0:0:BABA z 2001::cafez 2003::babaz 2003::baba z2003::baba extra dataz 2003::bebe)rÚrZr\r]zDec 18 23:59:59 2099 GMT)rÚrZr\r^))rìZblablaz google.com)))r+za*b.example.comz5partial wildcards in leftmost label are not supportedzaxxb.example.com)))r+zwww.*.example.comz2wildcard can only be present in the leftmost labelzwww.sub.example.com)))r+za*b*.example.comztoo many wildcardszaxxbxxc.example.com)))r+Ú*z7sole wildcard without additional labels are not supportÚhost)))r+z*.comz%hostname 'com' doesn't match '\*.com'Zcom)Ú1rz1.2.3z 256.0.0.1z 127.0.0.1/24)rïz 192.168.0.1)z::1z2001:db8:85a3::8a2e:370:7334) ÚencodeÚdecoderÚ IPV6_ENABLEDrÆršr rOr´rSZ _inet_patonr )r­rRrörQrUÚinvalidZipaddrr r¬r!Útest_match_hostname¸s                               þ    ÿ   ÿ       ÿ      ÿ û û þýþýþýþýþý  ÿ€þz$BasicSocketTests.test_match_hostnamecCsPt tj¡}t ¡}|jt|j|dddWdƒdS1s!wYdS)NTz some.hostname©r†)r r`rUr¹rÆršrŽ)r­rMrr r r!Útest_server_sides  ÿ"ÿz!BasicSocketTests.test_server_sidec Cst d¡}t tj¡}| | ¡¡t|dd"}| t¡ | d¡Wdƒn1s.wYWdƒn1s=wY|  ¡dS)N©rïrF©Údo_handshake_on_connectz unknown-type) r¹Ú create_serverrr=Ú getsocknamer’rÆršÚget_channel_bindingrF)r­r¼Úcrr r r!Útest_unknown_channel_binding†s    ÿ€ÿ z-BasicSocketTests.test_unknown_channel_bindingú tls-uniqueú*'tls-unique' channel binding not availablecCs”t tj¡}t|ƒ}| | d¡¡Wdƒn1swYt tj¡}t|dtd}| | d¡¡WdƒdS1sCwYdS)NruTr:)r¹rr’Ú assertIsNonerrrÍr(r r r!Útest_tls_unique_channel_bindings  ÿ "ÿz0BasicSocketTests.test_tls_unique_channel_bindingcCsjtt tj¡ƒ}t|ƒ}| t¡}d}t ¡Wdƒn1s"wY| |t |j j dƒ¡dSrw) r’r¹rÚreprr1rrÚ gc_collectÚassertInrRr4rd)r­rròr6r r r!Útest_dealloc_warnœs  þz"BasicSocketTests.test_dealloc_warncCsˆt ¡}| t|ƒd¡| |tj¡t ¡#}t|d<t |d<t ¡}| |j t ¡| |j t¡WdƒdS1s=wYdS)NéÚ SSL_CERT_DIRÚ SSL_CERT_FILE) r Zget_default_verify_pathsr£rXrZDefaultVerifyPathsrÚEnvironmentVarGuardÚCAPATHrÍÚcafiler$)r­ÚpathsÚenvr r r!Útest_get_default_verify_paths¤s "ûz.BasicSocketTests.test_get_default_verify_pathsrúWindows specificc Csî| t d¡¡| t d¡¡| ttj¡| ttjd¡tƒ}dD]H}t |¡}| |t¡|D]8}| |t ¡|  t |ƒd¡|\}}}| |t ¡|  |ddh¡| |tttf¡t|ttfƒrk| |¡q3q$d}|  ||¡dS) NÚCAÚROOTr)r‡rˆrÚx509_asnÚ pkcs_7_asnú1.3.6.1.5.5.7.3.1)r r Zenum_certificatesrÆrµÚ WindowsErrorÚsetrÚlistrr£rXÚbytesr{Ú frozensetÚboolrQÚupdate) r­Z trust_oidsZ storenameÚstoreÚelementrQÚencZtrustÚ serverAuthr r r!Útest_enum_certificates°s*      €ø z'BasicSocketTests.test_enum_certificatescCs’| t d¡¡| ttj¡| ttjd¡t d¡}| |t¡|D]"}| |t¡|  t |ƒd¡| |dt ¡|  |dddh¡q$dS)Nr‡rérrÃr‰rŠ) r r Z enum_crlsrÆrµrŒrrŽrr£rXrr{)r­Zcrlsr”r r r!Útest_enum_crlsÉs   üzBasicSocketTests.test_enum_crlsc CsÞd}t d¡}| ||¡| |jd¡| |jd¡| |jd¡| |jd¡| |tj¡| t tjd¡tj  d¡}| ||¡| |tj¡| t tjj d¡|  t d¡tj  d¡Wdƒn1skwYt d ƒD]4}ztj  |¡}Wn t y‡Yqtw| |jt ¡| |jt¡| |jt¡| |jttdƒf¡qttj d¡}| ||¡| |tj¡| tj d¡|¡| tj d¡|¡|  t d ¡tj d ¡WdƒdS1sèwYdS) N)ér–úTLS Web Server Authenticationr‹r‹ršr–r›éÿÿÿÿzunknown NID 100000i †éèzunknown object 'serverauth'Z serverauth)r Ú _ASN1Objectr£ÚnidÚ shortnameZlongnameÚoidrrÆršZfromnidr´ÚrangerrRÚtypeZfromname)r­ÚexpectedÚvalÚiÚobjr r r!Útest_asn1objectØsH    ÿ  ÿ  ÿ"ÿz BasicSocketTests.test_asn1objectcCsÈt d¡}| tjjtj¡| tjj|¡| tjjjd¡| tjjjd¡| tjjjd¡t d¡}| tjj tj¡| tjj |¡| tjj jd¡| tjj jd¡| tjj jd¡dS)Nr‹ršr–z1.3.6.1.5.5.7.3.2é‚Z clientAuth) r ržrÚPurposeÚ SERVER_AUTHr£rŸr r¡Ú CLIENT_AUTH)r­r¥r r r!Útest_purpose_enumÿs  ÿ  ÿz"BasicSocketTests.test_purpose_enumcCs¼t tjtj¡}| |j¡| t¡}t|tj dWdƒn1s%wY|  t |j ƒd¡t  tj¡}| t¡ }| |¡Wdƒn1sNwY|  t |j ƒd¡dS)N©r€z!only stream sockets are supported)r¹rÚ SOCK_DGRAMrErFrÆr#r’r r‰r£rRr@r`rVrŽ)r­r¼ZcxrMr r r!Útest_unsupported_dtlss  ÿ   ÿz&BasicSocketTests.test_unsupported_dtlscCs| t |¡|¡dSr)r£r Úcert_time_to_seconds)r­Ú timestringZ timestampr r r!Ú cert_time_okszBasicSocketTests.cert_time_okcCs:| t¡t |¡WdƒdS1swYdSr)rÆršr r±)r­r²r r r!Úcert_time_fails  "ÿzBasicSocketTests.cert_time_failz)local time needs to be different from UTCcCs| dd¡| dd¡dS)NzMay 9 00:00:00 2007 GMTgÀCÑAúJan 5 09:34:43 2018 GMTçÀ¬Ñ“ÖA)r³r¬r r r!Ú"test_cert_time_to_seconds_timezone"s z3BasicSocketTests.test_cert_time_to_seconds_timezonecCsàd}d}| ||¡| tj|d|¡| d|¡| d|¡| d¡| d¡| d¡| d ¡| d ¡| d ¡| d ¡d }| d|¡| d|¡| dd¡| dd¡| dd¡| d¡| dd¡dS)Nrµr¶)Z cert_timezJan 05 09:34:43 2018 GMTzJaN 5 09:34:43 2018 GmTzJan 5 09:34 2018 GMTzJan 5 09:34:43 2018zJan 5 09:34:43 2018 UTCzJan 35 09:34:43 2018 GMTzJon 5 09:34:43 2018 GMTzJan 5 24:00:00 2018 GMTzJan 5 09:60:43 2018 GMTgàWÒAzDec 31 23:59:60 2008 GMTzJan 1 00:00:00 2009 GMTzJan 5 09:34:59 2018 GMTiÃFOZzJan 5 09:34:60 2018 GMTiÄFOZzJan 5 09:34:61 2018 GMTiÅFOZzJan 5 09:34:62 2018 GMTzDec 31 23:59:59 9999 GMTg€¿ úMB)r³r£r r±r´)r­r²ÚtsZ newyear_tsr r r!Útest_cert_time_to_seconds*s*                z*BasicSocketTests.test_cert_time_to_secondsÚLC_ALLrcCs@dd„}|ƒ ¡dkr| d¡| dd¡| |ƒd¡dS)NcSs t dd¡S)Nz%b) rÃr˜rrüér}rrr)rxÚstrftimer r r r!Úlocal_february_nameQó zNBasicSocketTests.test_cert_time_to_seconds_locale..local_february_nameZfebz>locale-specific month name needs to be different from C localezFeb 9 00:00:00 2007 GMTg`îrÑAz 9 00:00:00 2007 GMT)ÚlowerÚskipTestr³r´)r­r½r r r!Ú test_cert_time_to_seconds_localeMs   z1BasicSocketTests.test_cert_time_to_seconds_localecCsvt tj¡}| |j¡t |¡}tt tj¡tjd}| |j¡|  t |f¡}t j t j t jt jf}| ||¡dS)Nr®)r¹rrErFrÚ bind_portr’r r¢Ú connect_exr>rAZ ECONNREFUSEDZ EHOSTUNREACHZ ETIMEDOUTÚ EWOULDBLOCKr{)r­ÚserverÚportr¼ÚrcÚerrorsr r r!Útest_connect_ex_error\s    ÿ  þz&BasicSocketTests.test_connect_ex_errorc Cs¶tƒ\}}}t|d}|D|jt ¡|d"}| t|jf¡| | d¡d¡| |  d¡d¡Wdƒn1srÆr£rr!©r­rržrœrÅr¼r r r!Útest_read_write_zerols   ÿüÿ"ÿz%BasicSocketTests.test_read_write_zeroN)4Ú__name__Ú __module__Ú __qualname__r®r·r½rÁrÊrÕrÙrêrñrûrrZ cpython_onlyrr)r.r7Úignore_deprecationrCrHrKrMrNrjrlrtrcÚ skipUnlessr ÚCHANNEL_BINDING_TYPESrxr|r…rpÚplatformr—r™r¨r­r°r³r´r~r·r¹Zrun_with_localerÁrÉrÎr r r r!r Ksh #   4   G ÿ    ' ÿ  #  r c@s|eZdZdd„Zdd„Ze edkd¡dd„ƒZd d „Z d d „Z d d„Z dd„Z e dd„ƒZe eejdƒd¡dd„ƒZdd„Zdd„Zdd„Zdd„Ze ed¡d d!„ƒZd"d#„Zd$d%„Ze ejd&¡d'd(„ƒZd)d*„Zd+d,„Zd-d.„Z d/d0„Z!d1d2„Z"e e#j$d3kd4¡d5d6„ƒZ%e e#j$d3kd7¡e ee#d8ƒd9¡d:d;„ƒƒZ&dd?„Z(d@dA„Z)dBdC„Z*dDdE„Z+dFdG„Z,dHdI„Z-dJS)KÚ ContextTestsc Cs¶tD]&}t|ƒr(t ¡ t |¡}Wdƒn1swY| |j|¡qt ¡ t ¡}Wdƒn1só€z0ContextTests.test_get_ciphers..>zECDHE-ECDSA-AES128-GCM-SHA256zECDHE-ECDSA-AES256-GCM-SHA384zECDHE-RSA-AES256-GCM-SHA384zDHE-RSA-AES256-GCM-SHA384zECDHE-RSA-AES128-GCM-SHA256zDHE-RSA-AES128-GCM-SHA256zAES256-GCM-SHA384zAES128-GCM-SHA256r˜z got: z expected: ) r r`rVrKrràÚ intersectionrrXÚsorted)r­rMÚnamesr¤rår r r!Útest_get_ciphersšs   ÿzContextTests.test_get_cipherscCsöt tj¡}tjtjBtjB}|ttBtBt Bt BO}|  ||j ¡t  ¡|j tjO_ Wdƒn1s9wY|  |tjB|j ¡t  ¡|j tj@|_ Wdƒn1s_wY|  ||j ¡d|_ |  d|j tj@¡dSrw)r r`rVÚOP_ALLr¦r§r>rAr?r@rBr£r3rrÅr¨)r­rMÚdefaultr r r!Ú test_options­s( ÿÿþ ÿ ÿzContextTests.test_optionscCs@t ¡t tj¡}Wdƒn1swY| |jtj¡tj|_| |jtj¡tj |_| |jtj ¡tj|_| |jtj¡|  t ¡ d|_Wdƒn1sYwY|  t ¡ d|_Wdƒn1sqwYt tj ¡}| |jtj¡| |j¡t tj¡}| |jtj ¡| |j¡dS©Nr×)rrÅr r`rTr£r‹r‰r¡r¢rÆrµršrUÚ assertFalserŠrVr rÞr r r!Útest_verify_mode_protocolÀs, ÿ ÿ ÿ   z&ContextTests.test_verify_mode_protocolcCsŽt tj¡}| |j¡tjr,d|_| |j¡d|_| |j¡d|_| |j¡dS| t¡ d|_WdƒdS1s@wYdS©NTF) r r`rVr Úhostname_checks_common_nameÚHAS_NEVER_CHECK_COMMON_NAMErírÆÚAttributeErrorrÞr r r!Ú test_hostname_checks_common_nameØs     "ÿz-ContextTests.test_hostname_checks_common_namecCst tj¡}tjjtjjtjjh}tjjtjjh}|  |j |¡|  |j |¡tjj |_ tjj|_ |  |j tjj ¡|  |j tjj¡tjj|_ tjj|_ |  |j tjj¡|  |j tjj¡tjj|_ |  |j tjj¡tjj|_ |  |j tjjtjj tjjh¡tjj|_ |  |j tjjtjjh¡| t¡ d|_ Wdƒn1s§wYttjƒrþt tj¡}|  |j |¡|  |j tjj¡| t¡ tjj|_ Wdƒn1sÜwY| t¡tjj|_ WdƒdS1s÷wYdSdSrì)r r`rUr rarr_rbÚTLSv1_3r{rIr\rr£rrÆršrZr)r­rMZ minimum_rangeZ maximum_ranger r r!Útest_min_max_versionæs| ú üÿÿ   ÿ ÿ   ÿ ÿ  ÿ þ þ ÿ  ÿ ÿ  ÿ  "ÿõz!ContextTests.test_min_max_versionÚsecurity_levelzrequires OpenSSL >= 1.1.0cCs&t tj¡}hd£}| |j|¡dS)N>rrÃr˜rrür»)r r`rVr{rö)r­rMZsecurity_level_ranger r r!Útest_security_level5s z ContextTests.test_security_levelcCsæt tj¡}ttddƒ}| |jtj|B¡tj|_| |jtj¡tj|_| |jtj¡tj|_| |jtj¡tj |_| |jtj ¡tjtj B|_| |jtjtj B¡|  t ¡ d|_WdƒdS1slwYdS)NÚVERIFY_X509_TRUSTED_FIRSTr) r r`rUrSr£Ú verify_flagsÚVERIFY_DEFAULTÚVERIFY_CRL_CHECK_LEAFZVERIFY_CRL_CHECK_CHAINZVERIFY_ALLOW_PROXY_CERTSZVERIFY_X509_STRICTrÆrµ)r­rMÚtfr r r!Útest_verify_flagsHs$   ÿ "ÿzContextTests.test_verify_flagsc CsÐt tj¡}|jtdd|jttd|jt|jtd| t¡ }| t¡Wdƒn1s2wY|  |j j t j ¡|  tjd¡ | t¡Wdƒn1sWwY|  tjd¡ | t¡Wdƒn1sswYt tj¡}| tt¡|jttd|jttd|  tjd¡ | t¡Wdƒn1s©wY|  tjd¡ | t¡Wdƒn1sÅwY|  tjd¡|jttdWdƒn1sãwYt tj¡}|  tjd¡| tt¡Wdƒn 1swY|jttd|jtt ¡d|jttt ¡ƒd| ttt¡| ttt ¡¡| tttt ¡ƒ¡|  td¡|jtddWdƒn 1s[wY| tj¡|jtddWdƒn 1sywY|  td ¡|jtd d dWdƒn 1s™wYd d „}dd„}dd„}dd„}dd„}dd„}dd„} Gdd„dƒ} |jt|d|jt|d|jt|d|jt| ƒd|jt| ƒjd| tj¡|jt|dWdƒn 1swY|  td ¡|jt|dWdƒn 1swY|  td¡|jt|dWdƒn 1s.getpass_unicodecSst ¡Sr)rrfr r r r!Ú getpass_bytesóz8ContextTests.test_load_cert_chain..getpass_bytescSs tt ¡ƒSr)rÇrrfr r r r!Úgetpass_bytearrayr¾z.getpass_bytearraycSódS)Nrr r r r r!Úgetpass_badpass‘rPz:ContextTests.test_load_cert_chain..getpass_badpasscSsddS)Nrir r r r r!Ú getpass_huge“rz7ContextTests.test_load_cert_chain..getpass_hugecSr )Nràr r r r r!Úgetpass_bad_type•rPz;ContextTests.test_load_cert_chain..getpass_bad_typecSstdƒ‚)Nú getpass error)Ú Exceptionr r r r!Úgetpass_exception—rz.getpass_exceptionc@óeZdZdd„Zdd„ZdS)z:ContextTests.test_load_cert_chain..GetPassCallablecSrrrr¬r r r!Ú__call__šrPzCContextTests.test_load_cert_chain..GetPassCallable.__call__cSrrrr¬r r r!ÚgetpassœrPzBContextTests.test_load_cert_chain..GetPassCallable.getpassN)rÏrÐrÑrrr r r r!ÚGetPassCallable™s rzmust return a stringr )r r`rUrrÍrÆrµrr?r£r@rArBr´r²ÚBADCERTÚ EMPTYCERTÚONLYCERTÚONLYKEYÚBYTES_ONLYCERTÚ BYTES_ONLYKEYróÚCERTFILE_PROTECTEDrrfrÇÚONLYKEY_PROTECTEDršrr) r­rMr6rrrr r r rrr r r!Útest_load_cert_chain\sœ   ÿ ÿ ÿ   ÿ ÿÿ ÿ ÿ ÿÿÿüÿÿÿÿÿz!ContextTests.test_load_cert_chaincCs t tj¡}| t¡|jtdd| t¡|jtdd| t|j¡| t|jddd¡| t¡ }| t ¡Wdƒn1sDwY|  |j j t j ¡| tjd¡ | t¡Wdƒn1siwY| tt¡|jttd| t|jdd¡dS)N)r‚r$rþ©r$T)r r`rUrŒrÍÚBYTES_CERTFILErÆrµrr?r£r@rArBr´r²rrÚ BYTES_CAPATH©r­rMr6r r r!Útest_load_verify_locations¯s"     ÿ ÿ z'ContextTests.test_load_verify_locationscCs ttƒ }| ¡}Wdƒn1swYt |¡}ttƒ }| ¡}Wdƒn1s0wYt |¡}t tj¡}| |  ¡dd¡|j |d| |  ¡dd¡|j |d| |  ¡dd¡|j |d| |  ¡dd¡t tj¡}d  ||f¡}|j |d| |  ¡dd¡t tj¡}d|d|d |d g}|j d  |¡d| |  ¡dd¡t tj¡}|j |d|j |d| |  ¡dd¡|j |d| |  ¡dd¡t tj¡}d   ||f¡}|j |d| |  ¡dd¡t tj¡}|j t |j td| tjd ¡|j d dWdƒn 1s*wY| tjd¡|j ddWdƒdS1sIwYdS)NÚx509_car©ÚcadatarÃr˜rËÚheadÚotherZagainÚtailrËz4no start line: cadata does not contain a certificateÚbrokenz6not enough data: cadata does not contain a certificatesbroken)rDrórEr rôÚCAFILE_NEURONIOr`rVr£Úcert_store_statsrŒrrÆrµÚobjectr´r²)r­rGZ cacert_pemZ cacert_derZ neuronio_pemZ neuronio_derrMZcombinedr r r!Útest_load_verify_cadataÂsd  ÿ   ÿ         ÿ       þüþ$üz$ContextTests.test_load_verify_cadataú)Avoid mixing debug/release CRT on WindowscCsÊt tj¡}| t¡tjdkr| t¡| t |j¡| t |jd¡| t ¡ }| t ¡Wdƒn1s9wY|  |j jtj¡| tj¡}| t¡WdƒdS1s^wYdS)NÚnt)r r`rUÚload_dh_paramsÚDHFILErrÚ BYTES_DHFILErÆrµrFr?r£r@rArBr²rÍr r r r!Útest_load_dh_paramss      ÿ "ÿz ContextTests.test_load_dh_paramscCsHtjtjhD]}t |¡}| | ¡ddddddddddddœ ¡qdS)Nr) Únumberr=Z connect_goodZconnect_renegotiateÚacceptZ accept_goodZaccept_renegotiateÚhitsÚmissesZtimeoutsZ cache_full)r rVrUr`r£Ú session_statsr¿r r r!Útest_session_statss    õþzContextTests.test_session_statscCst tj¡}| ¡dSr)r r`rVZset_default_verify_pathsrÞr r r!Útest_set_default_verify_paths s  z*ContextTests.test_set_default_verify_pathsz#ECDH disabled on this OpenSSL buildcCsbt tj¡}| d¡| d¡| t|j¡| t|jd¡| t|jd¡| t|jd¡dS)NÚ prime256v1s prime256v1Úfooófoo)r r`rUÚset_ecdh_curverÆrµršrÞr r r!Útest_set_ecdh_curve&s   z ContextTests.test_set_ecdh_curvecCsjt tj¡}| t|j¡| t|jd¡| t|jd¡| t|j|¡dd„}| d¡| |¡dS)NrürcSrOrr ©rÚ servernamerMr r r!Ú dummycallback9rPz5ContextTests.test_sni_callback..dummycallback)r r`rUrÆrµÚset_servername_callback)r­rMrAr r r!Útest_sni_callback0s  zContextTests.test_sni_callbackcCsJt tj¡}|fdd„}| |¡t |¡}~~t ¡| |ƒd¡dS)NcSrOrr )rr@rMÚcycler r r!rABrPz>ContextTests.test_sni_callback_refcycle..dummycallback) r r`rUrBrrÚgcÚcollectr¾)r­rMrArr r r!Útest_sni_callback_refcycle>s    z'ContextTests.test_sni_callback_refcyclecCsŽt tj¡}| | ¡ddddœ¡| t¡| | ¡ddddœ¡| t¡| | ¡ddddœ¡| t¡| | ¡ddddœ¡dS)Nr)r"ÚcrlÚx509rÃr˜) r r`rVr£r*rrÍrŒrórÞr r r!Útest_cert_store_statsJs   ÿ   ÿ   ÿ   ÿz"ContextTests.test_cert_store_statsc Cs´t tj¡}| | ¡g¡| t¡| | ¡g¡| t¡| | ¡ddddddddœg¡ttƒ }|  ¡}Wdƒn1sDwYt  |¡}| | d¡|g¡dS) N)))r*zRoot CA))rÜzhttp://www.cacert.org))r+zCA Cert Signing Authority))rßzsupport@cacert.orgzMar 29 12:29:49 2033 GMTzMar 30 12:29:49 2003 GMTZ00)z!https://www.cacert.org/revoke.crlr)r/r0r1r2r9r3r5T) r r`rVr£Ú get_ca_certsrŒrÍrórDrErô)r­rMrGrøÚderr r r!Útest_get_ca_certsXs(    ôÿ  ÿ zContextTests.test_get_ca_certscCs€t tj¡}| ¡t tj¡}| tjj¡| ¡t tj¡}| tjj¡t tj¡}| t|jd¡| t|jd¡dS)Nr«) r r`rVÚload_default_certsrªr«r¬rÆrµrÞr r r!Útest_load_default_certsts    z$ContextTests.test_load_default_certsrznot-Windows specificcCsjt tj¡}t ¡!}t|d<t|d<| ¡| |  ¡ddddœ¡WdƒdS1s.wYdS)Nr~rrrÃ)rHrIr") r r`rVrr€rrÍrNr£r*)r­rMr„r r r!Útest_load_default_certs_envƒs  "üz(ContextTests.test_load_default_certs_envr†rz3Debug build does not share environment between CRTscCsŽt tj¡}| ¡| ¡}t tj¡}t ¡%}t|d<t|d<| ¡|dd7<|  | ¡|¡WdƒdS1s@wYdS)Nr~rrIrÃ) r r`rVrNr*rr€rrÍr£)r­rMÚstatsr„r r r!Ú#test_load_default_certs_env_windowsŒs   "ûz0ContextTests.test_load_default_certs_env_windowscCs†| |jtj@tj¡tdkr| |jt@t¡tdkr%| |jt@t¡tdkr2| |jt@t¡tdkrA| |jt@t¡dSdSrw)r£r3r r¦r>r?r@rArÞr r r!Ú_assert_context_options›s$ ÿ ÿ ÿ ÿÿz$ContextTests._assert_context_optionscCsät ¡}| |jtj¡| |jtj¡| |j¡|  |¡t t ƒ }|  ¡}Wdƒn1s2wYtjt t |d}| |jtj¡| |jtj¡|  |¡t tjj¡}| |jtj¡| |jtj¡|  |¡dS)N)r‚r$r$)r Úcreate_default_contextr£rYrVr‹r¢r rŠrSrDr›rErrªr¬rUr‰)r­rMrGr$r r r!Útest_create_default_contextªs$    ÿÿ z(ContextTests.test_create_default_contextcCsVt ¡}| |jtj¡| |jtj¡| |j¡|  |¡t tj ƒrSt   ¡t tj ¡}Wdƒn1s9wY| |jtj ¡| |jtj¡|  |¡t   ¡tjtjtjdd}Wdƒn1slwY| |jtj¡| |jtj¡| |j¡|  |¡tjtjjd}| |jtj¡| |jtj¡|  |¡dS)NT)r€rŠ)Zpurpose)r Ú_create_stdlib_contextr£rYrVr‹r‰rírŠrSrZrrrÅr0r¢r rªr¬rUrÞr r r!Útest__create_stdlib_context¿s6    ÿ  ýÿ  z(ContextTests.test__create_stdlib_contextcCs t ¡t tj¡}Wdƒn1swY| |j¡| |jtj ¡d|_|  |j¡| |jtj ¡d|_tj |_| |j¡| |jtj ¡d|_tj |_d|_| |j¡| |jtj ¡d|_|  |j¡| |jtj ¡d|_tj |_d|_| |j¡| |jtj ¡d|_|  |j¡| |jtj ¡|  t¡ tj |_Wdƒn1s´wYd|_| |j¡tj |_| |jtj ¡dSrï)rrÅr r`rTrírŠr£r‹r‰r r¢r¡rÆršrÞr r r!Útest_check_hostnameÝsF ÿ         ÿ z ContextTests.test_check_hostnamecCsTt tj¡}| |j¡| |jtj¡t tj¡}|  |j¡| |jtj ¡dSr) r r`rVr rŠr£r‹r¢rUrír‰rÞr r r!Útest_context_client_server s    z'ContextTests.test_context_client_servercCs¢Gdd„dtjƒ}Gdd„dtjƒ}t tj¡}||_||_|jt ¡dd}|  ||¡Wdƒn1s8wY|j t  ¡t  ¡dd}|  ||¡dS)Nc@ó eZdZdS)z;ContextTests.test_context_custom_class..MySSLSocketN©rÏrÐrÑr r r r!Ú MySSLSocketór\c@rZ)z;ContextTests.test_context_custom_class..MySSLObjectNr[r r r r!Ú MySSLObjectr]r^Tr9) r rºÚ SSLObjectr`rUZsslsocket_classZsslobject_classrŽr¹rÚwrap_bior±)r­r\r^rMrr§r r r!Útest_context_custom_classs ÿz&ContextTests.test_context_custom_classcCsòt tj¡}| |jd¡d|_| |jd¡d|_| |jd¡| t¡ d|_Wdƒn1s4wY| t¡ d|_Wdƒn1sLwYt tj¡}| |jd¡| t¡ d|_WdƒdS1srwYdS)Nr˜rÃrrœ) r r`rUr£Z num_ticketsrÆršrµrVrÞr r r!Útest_num_tickest$s"  ÿ ÿ  "ÿzContextTests.test_num_tickestN).rÏrÐrÑrÙrßrcrÓrrárèrërîrórÒrõrJr r`r÷rýrr!r,ÚskipIfÚPy_DEBUG_WIN32r2r8r9r¥r>rCrGrJrMrOrprÕrPrRrSrUrWrXrYrarbr r r r!rÖxsZ ÿ   N þ S ?         , rÖc@s8eZdZdd„Ze ed¡dd„ƒZdd„Zdd „Z d S) Ú SSLErrorTestscCsXt dd¡}| t|ƒd¡| |jd¡t dd¡}| t|ƒd¡| |jd¡dS)NrÃr;)r r²r£rRrAZSSLZeroReturnError)r­Úer r r!Útest_str8s  zSSLErrorTests.test_strr-cCs‚t tj¡}| tj¡ }| t¡Wdƒn1swY| |jj d¡| |jj d¡t |jƒ}|  |  d¡|¡dS)NZPEMZ NO_START_LINEz"[PEM: NO_START_LINE] no start line)r r`rVrÆr²r/rÍr£r@ÚlibraryÚreasonrRr rõ)r­rMr6r¼r r r!Útest_lib_reasonBs  ÿ zSSLErrorTests.test_lib_reasonc Cst tj¡}d|_tj|_t d¡f}t |  ¡¡}|  d¡|j |ddd9}|  tj ¡ }| ¡Wdƒn1s=wYt|jƒ}| | d¡|¡| |jjtj¡Wdƒn1scwYWdƒdSWdƒdS1s{wYdS)NFrmrnz%The operation did not complete (read))r r`rVrŠr‰r‹r¹rpÚcreate_connectionrqÚ setblockingrŽrÆÚSSLWantReadErrorÚ do_handshakerRr@r rõr£rAÚSSL_ERROR_WANT_READ)r­rMr¼rsr6r r r!Ú test_subclassMs"    ÿ úý"ýzSSLErrorTests.test_subclasscCsÔt ¡}| t¡|jt ¡t ¡ddWdƒn1s wY| t¡|jt ¡t ¡ddWdƒn1sAwY| t¡|jt ¡t ¡ddWdƒdS1scwYdS)Nrrkz .example.orgzexample.orgevil.com)r rTrÆršr`r±rµrÞr r r!Útest_bad_server_hostname_s  ÿÿ ÿÿ ÿ"ÿz&SSLErrorTests.test_bad_server_hostnameN) rÏrÐrÑrgrcrcrdrjrprqr r r r!re6s   rec@s4eZdZdd„Zdd„Zdd„Zdd„Zd d „Zd S) ÚMemoryBIOTestscCsªt ¡}| d¡| | ¡d¡| | ¡d¡| d¡| d¡| | ¡d¡| | ¡d¡| d¡| | d¡d¡| | d¡d ¡| | d¡d¡dS) Nr<rËóbarsfoobaróbazr˜sbarÃóz)r r±rtr£rE©r­Úbior r r!Útest_read_writens    zMemoryBIOTests.test_read_writecCs¶t ¡}| |j¡| | ¡d¡| |j¡| d¡| |j¡| ¡| |j¡| | d¡d¡| |j¡| | d¡d¡| |j¡| | ¡d¡| |j¡dS)NrËr<r˜sforÃóo) r r±ríÚeofr£rErtÚ write_eofr rvr r r!Útest_eof|s       zMemoryBIOTests.test_eofcCs t ¡}| |jd¡| d¡| |jd¡tdƒD]}| d¡| |jd|d¡qtdƒD]}| d¡| |j|d¡q2| ¡| |jd¡dS)Nrr<rrÃr)r r±r£Úpendingrtr¢rE)r­rwr¦r r r!Ú test_pendingŒs     zMemoryBIOTests.test_pendingcCsbt ¡}| d¡| | ¡d¡| tdƒ¡| | ¡d¡| tdƒ¡| | ¡d¡dS)Nr<rsrt)r r±rtr£rErÇÚ memoryviewrvr r r!Útest_buffer_typesšs z MemoryBIOTests.test_buffer_typescCsLt ¡}| t|jd¡| t|jd¡| t|jd¡| t|jd¡dS)Nr;TrÃ)r r±rÆrµrtrvr r r!Útest_error_types£s zMemoryBIOTests.test_error_typesN)rÏrÐrÑrxr|r~r€rr r r r!rrls  rrc@r)ÚSSLObjectTestscCsFt ¡}| td¡t ||¡WdƒdS1swYdSr¸)r r±r´rµr_rvr r r!r½¬s"ÿz SSLObjectTests.test_private_initc Cs:tƒ\}}}t ¡}t ¡}t ¡}t ¡}|j|||d}|j||dd} tdƒD]8} z| ¡Wn tjy<Ynw|jrG| |  ¡¡z|  ¡Wn tjyWYnw|jrb| |  ¡¡q*| ¡|  ¡|  tj¡ |  ¡Wdƒn1s€wY| |  ¡¡|   ¡| |  ¡¡|  ¡dS)NrkTr9r») rŸr r±r`r¢rnrmr}rtrErÆÚunwrap) r­Ú client_ctxÚ server_ctxrœZc_inZc_outZs_inZs_outÚclientrÅÚ_r r r!Ú test_unwrap±s@   ÿ ÿ€ ÿ zSSLObjectTests.test_unwrapN)rÏrÐrÑr½rˆr r r r!r‚«s r‚c@sÒeZdZdZdd„Zdd„Zdd„Zdd „Zd d „Zd d „Z dd„Z dd„Z dd„Z e  ejdkd¡dd„ƒZdd„Zdd„Zdd„Zdd„Zd d!„Zd"d#„Zd$d%„Zd&d'„Zd(d)„Zd*d+„Zd,d-„Zd.d/„Zd0S)1ÚSimpleBackgroundTestsz?Tests that connect to a simple server running in the backgroundcCsPt tj¡|_|j t¡t|jd}t|jf|_ |  ¡|  |j ddd¡dS)NrÊ) r r`rUržrr•rÌr>rÆÚ server_addrÚ __enter__rEÚ__exit__)r­rÅr r r!ÚsetUpÞs    zSimpleBackgroundTests.setUpcCsÂtt tj¡tjd}| |j¡| i| ¡¡|  |j ¡Wdƒn1s*wYtt tj¡tj t d}| |j¡|  | ¡¡|  |j ¡WdƒdS1sZwYdS)Nr®©r€r)r’r¹rr r‰r=rŠr£Ú getpeercertrír…r¢r›r r»r r r!Ú test_connectæs" ÿ ü þ "ûz"SimpleBackgroundTests.test_connectcCs<tt tj¡tjd}| |j¡| tjd|j |j ¡dS)Nr®úcertificate verify failed) r’r¹rr r¢rErFr´r²r=rŠr»r r r!Útest_connect_failõs ÿ  ÿz'SimpleBackgroundTests.test_connect_failcCsJtt tj¡tjtd}| |j¡| d|  |j ¡¡|  |  ¡¡dS)NrŽr) r’r¹rr r¢r›rErFr£rÃrŠr rr»r r r!Útest_connect_exÿs þ z%SimpleBackgroundTests.test_connect_exc CsÒtt tj¡tjtdd}| |j¡| d¡|  |j ¡}|  |dt j t jf¡t g|ggd¡ z| ¡Wn&tjyLt |gggd¡Yntjy^t g|ggd¡Ynwq3| | ¡¡dS)NF)r€rrorr*)r’r¹rr r¢r›rErFrlrÃrŠr{rAZ EINPROGRESSrÄÚselectrnrmÚSSLWantWriteErrorr r©r­r¼rÇr r r!Útest_non_blocking_connect_exs* ý   ÿú z2SimpleBackgroundTests.test_non_blocking_connect_excCst tj¡}d|_tj|_| t tj¡¡}|  |j ¡|  i|  ¡¡Wdƒn1s/wY|jt tj¡dd}|  |j ¡Wdƒn1sPwYtj |_| t¡| t tj¡¡}|  |j ¡|  ¡}| |¡WdƒdS1s‚wYdS)NFZdummyrk)r r`rVrŠr‰r‹rŽr¹rr=rŠr£rr¢rŒr›r ©r­rMr¼rQr r r!Útest_connect_with_context"s(  þÿþ   "ýz/SimpleBackgroundTests.test_connect_with_contextcCsHt tj¡}|jt tj¡td}| |j¡|  tj d|j |j ¡dS)Nrkr‘) r r`rVrŽr¹rrˆrErFr´r²r=rŠ)r­rMr¼r r r!Útest_connect_with_context_fail6s  þ  ÿz4SimpleBackgroundTests.test_connect_with_context_failcCsÞt tj¡}|jtd|jt tj¡td}|  |j ¡|  ¡}|  |¡Wdƒn1s1wYt tj¡}|jt d|jt tj¡td}|  |j ¡|  ¡}|  |¡WdƒdS1shwYdS)Nrrk)r r`rVrŒrrŽr¹rrˆr=rŠrr rr˜r r r!Útest_connect_capathCs(  ÿ  ü  ÿ  "üz)SimpleBackgroundTests.test_connect_capathcCsttƒ }| ¡}Wdƒn1swYt |¡}t tj¡}|j|d|jt   t j ¡t d}|  |j ¡| ¡}| |¡Wdƒn1sNwYt tj¡}|j|d|jt   t j ¡t d}|  |j ¡| ¡}| |¡WdƒdS1s…wYdS)Nr#rk)rDr›rEr rôr`rVrŒrŽr¹rrˆr=rŠrr )r­rGrørLrMr¼rQr r r!Útest_connect_cadataZs0  ÿ   ÿ  ü  ÿ  "üz)SimpleBackgroundTests.test_connect_cadatar.z*Can't use a socket as a file under WindowscCsœtt tj¡ƒ}| |j¡| ¡}| ¡}| ¡t  |d¡| ¡t   ¡|  t ¡}t  |d¡Wdƒn1s>wY| |jjtj¡dSrw)r’r¹rr=rŠÚfilenoÚmakefilerFrrErErFrÆrr£r@rAÚEBADF)r­rÚfdrGrfr r r!Útest_makefile_closeos   ÿz)SimpleBackgroundTests.test_makefile_closecCsÀt tj¡}| |j¡| d¡t|tjdd}| |j ¡d} z |d7}|  ¡Wn$tj y>t   |ggg¡Yntj yOt   g|gg¡Ynwq"tjr^tj d|¡dSdS)NF©r€rorTrÃz9 Needed %d calls to do_handshake() to establish session. )r¹rr=rŠrlr’r r‰rErFrnrmr”r•rrrrprsrt)r­r¼Úcountr r r!Útest_non_blocking_handshake‚s.   þ ÿù ÿz1SimpleBackgroundTests.test_non_blocking_handshakecCst|g|j¢RdtiŽdS)NrQ)Ú_test_get_server_certificaterŠr›r¬r r r!Útest_get_server_certificate—r#z1SimpleBackgroundTests.test_get_server_certificatecs¢|j\}}g‰‡fdd„}|j |¡t ||f¡}|s%| d||f¡tj||ftd}|s9| d||f¡tjrGt j   d|||f¡|  ˆ||g¡dS)Ncsˆ |¡dSr)Úappend©Ússl_sockZ server_nameZinitial_context©Z server_namesr r!Ú servername_cbŸózLSimpleBackgroundTests.test_get_server_certificate_sni..servername_cbúNo server certificate on %s:%s!©rú& Verified certificate for %s:%s is %s ) rŠržrBr Úget_server_certificaterör›rrrrprsrtr£)r­rdrÆr«rør rªr!Útest_get_server_certificate_snišs   z5SimpleBackgroundTests.test_get_server_certificate_snicCst|g|j¢RŽdSr)Ú!_test_get_server_certificate_failrŠr¬r r r!Ú test_get_server_certificate_fail¯sz6SimpleBackgroundTests.test_get_server_certificate_failcCsXdd„}|j |¡| tj¡tj|jtddWdƒdS1s%wYdS)NcSst d¡dS)Nçš™™™™™É?)rxÚsleepr¨r r r!r«µr¬zPSimpleBackgroundTests.test_get_server_certificate_timeout..servername_cbçš™™™™™¹?)rr-) ržrBrÆr¹r-r r°rŠr›)r­r«r r r!Ú#test_get_server_certificate_timeout´s  ÿ"ÿz9SimpleBackgroundTests.test_get_server_certificate_timeoutc Cstt tj¡tjdd}| |j¡Wdƒn1swYtt tj¡tjdd}| |j¡Wdƒn1s?wY| tjd¡5t tj¡}t|tjdd}| |j¡Wdƒn1skwYWdƒdSWdƒdS1sƒwYdS)NrÚ)r€r‚rÛrÜrÝ) r’r¹rr r‰r=rŠr´r²)r­r¼rr r r!rß½s, ÿþ ÿþÿýÿ"ÿz"SimpleBackgroundTests.test_cipherscCs”t tj¡}|jtd| | ¡g¡|jt tj ¡dd}|  |j ¡|  ¡}|  |¡Wdƒn1s9wY| t| ¡ƒd¡dS)Nrr,rkrÃ)r r`rVrŒrr£rKrŽr¹rr=rŠrr rXr˜r r r!Útest_get_ca_certs_capathËs  ÿ  üz.SimpleBackgroundTests.test_get_ca_certs_capathcCs¾t tj¡}|jtdt tj¡}|jtdt tj¡}|j|dd0}| |j ¡|  |j |¡|  |j j |¡||_ |  |j |¡|  |j j |¡WdƒdS1sXwYdS)Nrr,rk) r r`rVrŒrr¹rrŽr=rŠr¾r‘Ú_sslobj)r­Zctx1Zctx2r¼rr r r!Útest_context_setget×s      "úz)SimpleBackgroundTests.test_context_setgetc Osú| dtj¡}t ¡|}d} t ¡|kr| d¡d} | d7} z||Ž} Wn tjyG} z| jtj tj fvr:‚| j} WYd} ~ nd} ~ ww|  ¡} |  | ¡| durVn| tj krl|  d¡} | rh| | ¡n| ¡qtjr{tj d| |jf¡| S)Nr-rTrÃi€z"Needed %d calls to complete %s(). )r‡rÚ SHORT_TIMEOUTrxÚ monotonicrör r²rAroZSSL_ERROR_WANT_WRITErEÚsendallrrtr{rrrprsrÏ)r­rÚincomingÚoutgoingrfrdrr-Údeadliner£rAÚretrfÚbufr r r!Ú ssl_io_loopæsB    ÿ€ü    çÿz!SimpleBackgroundTests.ssl_io_loopcCs~t tj¡}| |j¡| |j¡t ¡}t ¡}t tj ¡}|  |j ¡|  |j tj¡| t¡| ||dt¡}| |jj|¡| | ¡¡| | ¡¡| | ¡¡| t|j¡dtjvrl| | d¡¡| ||||j ¡|  | ¡¡| | ¡¡| !| ¡¡|  | ¡¡dtjvrž|  | d¡¡z | ||||j"¡Wn tj#y³Ynw| tj$|j%d¡dS)NFrur<)&r¹rrErFr=rŠr r±r`rVr rŠr£r‹r¢rŒr›r`rˆr¾r¹ÚownerrwÚcipherr5Úshared_ciphersrÆršrrÔrrrÃrnÚassertIsNotNonerƒZSSLSyscallErrorr²rt)r­rr¾r¿rMÚsslobjr r r!Útest_bio_handshake s@       ÿ  ýz(SimpleBackgroundTests.test_bio_handshakecCs¼t tj¡}| |j¡| |j¡t ¡}t ¡}t tj ¡}d|_ tj |_ |  ||d¡}| ||||j¡d}| ||||j|¡| ||||jd¡}| |d¡| ||||j¡dS)NFóFOO ésfoo )r¹rrErFr=rŠr r±r`rVrŠr‰r‹r`rÃrnrtrEr£rƒ)r­rr¾r¿rMrÈZreqrÂr r r!Útest_bio_read_write_data- s     z.SimpleBackgroundTests.test_bio_read_write_datacCs”tƒ\}}}t tj¡4}| |j¡t ¡}t ¡}|j|||d}| ||||j ¡|  ¡|  tj |j ¡WdƒdS1sCwYdS)Nrk)rŸr¹rr=rŠr r±r`rÃrnr{rÆÚ SSLEOFErrorrE)r­rržrœrr¾r¿rÈr r r!Útest_transport_eof> s  ÿ"öz(SimpleBackgroundTests.test_transport_eofN)rÏrÐrÑÚ__doc__rrr’r“r—r™ršr›rœrcrcrrr¡r¤r¦r±r³r·rßr¸rºrÃrÉrÌrÎr r r r!r‰Ûs2      %" r‰Únetworkc@s*eZdZdd„Ze ejd¡dd„ƒZdS)ÚNetworkedTestscCs¨t t¡Ett tj¡tjdd}| |j ¡|  d¡|  tdf¡}|dkr.|  d¡n |t jkr8|  d¡| |t jt jf¡WdƒdS1sMwYdS)NFr¢gH¯¼šò×z>é»rz!REMOTE_HOST responded too quicklyzNetwork unreachable.)rÚtransient_internetÚ REMOTE_HOSTr’r¹rr r¢rErFr+rÃrÀrAZ ENETUNREACHr{ÚEAGAINrÄr–r r r!Útest_timeout_connect_exP s  þ     "õz&NetworkedTests.test_timeout_connect_exz Needs IPv6cCsHt d¡t|ddƒt|ddƒWdƒdS1swYdS)Nzipv6.google.comrÒ)rrÓr¥r²r¬r r r!Ú test_get_server_certificate_ipv6` s  "þz/NetworkedTests.test_get_server_certificate_ipv6N) rÏrÐrÑrÖrcrÓrrhr×r r r r!rÑM s rÑcCspt ||f¡}|s| d||f¡tj||f|d}|s&| d||f¡tjr6tj d|||f¡dSdS)Nr­r®r¯)r r°rörrrrprsrt)ÚtestrdrÆrQrør r r!r¥g sÿr¥c Cs|z tj||ftd}Wn&tjy1}ztjr&tj d|¡WYd}~dSWYd}~dSd}~ww|  d|||f¡dS)Nr®z%s z$Got server certificate %s for %s:%s!) r r°rÍr²rrrrprsrtrö)rØrdrÆrøÚxr r r!r²r sÿ€þr²)Úmake_https_serverc@sdeZdZGdd„dejƒZ     ddd„Zdd „Zd d „Zdd d „Z dd„Z dd„Z dd„Z dS)rÌc@s@eZdZdZdd„Zdd„Zdd„Zdd „Zd d „Zd d „Z dS)z$ThreadedEchoServer.ConnectionHandlerzºA mildly complicated class, because we want it to work both with and without the SSL wrapper around the socket connection, so that we can test the STARTTLS functionality.cCs@||_d|_||_||_|j d¡d|_tj |¡d|_ dS©NFT) rÅÚrunningrÚaddrrlÚsslconnÚ threadingÚThreadÚ__init__Údaemon)r­rÅZconnsockrÝr r r!rᇠs   z-ThreadedEchoServer.ConnectionHandler.__init__c Csêz|jjj|jdd|_|jj |j ¡¡Wnttt t fyL}z&|jj  t |ƒ¡|jj r:tdt|jƒdƒd|_| ¡WYd}~dSd}~wtjtfy‹}z1|jj  t |ƒ¡|jj rntdt|jƒdƒ|jtjkr€tjdkr€d|_| ¡WYd}~dSd}~ww|jj |j ¡¡|jjjtjkrÛ|j ¡}tjr·|jj r·tj  !dt" #|¡d¡|j d¡}tjrÛ|jj rÛ|durÏtj  !d ¡n tj  !d t$|ƒ›d ¡|j %¡}tjró|jj rótj  !d t |ƒd¡dS) NTr9z' server: bad connection attempt from z: FÚdarwinz client cert is rËz client did not provide a cert z cert binary is zb z" server: connection cipher is now )&rÅr‘rŽrrÞÚselected_alpn_protocolsr§Úselected_alpn_protocolÚConnectionResetErrorÚBrokenPipeErrorÚConnectionAbortedErrorÚ conn_errorsrRÚchattyrvryrÝrÜrFr r²rrAZ EPROTOTYPErprÕrÆr‹r¢rrrrrsrtrÑrÒrXrÅ)r­rfrQZ cert_binaryrÅr r r!Ú wrap_conn‘ sJÿ € €ë   z.ThreadedEchoServer.ConnectionHandler.wrap_conncCs|jr|j ¡S|j d¡S)NrË)rÞrErrr¬r r r!rEÎ s  z)ThreadedEchoServer.ConnectionHandler.readcCs|jr |j |¡S|j |¡Sr)rÞrtrr!)r­rr r r!rtÔ s  z*ThreadedEchoServer.ConnectionHandler.writecCs"|jr |j ¡dS|j ¡dSr)rÞrFrr¬r r r!rFÚ sz*ThreadedEchoServer.ConnectionHandler.closec CsÐd|_|jjs | ¡s dS|jræz†| ¡}| ¡}|s;d|_z|j ¡|_Wn t y1Ynwd|_|  ¡n\|dkrSt j rL|jj rLtj d¡|  ¡WdS|jjrv|dkrvt j rh|jj rhtj d¡| d¡| ¡stWdSn!|jjrª|jrª|dkrªt j rŽ|jj rŽtj d ¡| d¡|j ¡|_d|_t j r©|jj r©tj d ¡ní|d krÎt j r»|jj r»tj d ¡|j d ¡}| t|ƒ d¡d¡nÉ|dkrt j rà|jj ràtj d¡z|j ¡Wn tjy}z| t|ƒ d¡d¡WYd}~n”d}~ww| d¡n‰|dkr'|j ¡dur!| d¡nv| d¡np|dkr>|j ¡}| t|ƒ d¡d¡nY|dkrW|jj ¡}| t|ƒ dd¡d¡n@|dkrp|jj ¡}| t|ƒ dd¡d¡n't j r|jj r|jr€dpd}tj d||| ¡|f¡| | ¡¡WnHt yà}z;|jjr½t j r½t|t ƒr¹t!d|j"›ƒnt#dƒz| d¡Wn t yÎYnw|  ¡d|_WYd}~nd}~ww|jsdSdS) NTFsoverz" server: client closed connection óSTARTTLSz2 server: read STARTTLS from client, sending OK... óOK óENDTLSz0 server: read ENDTLS from client, sending OK... z* server: connection is now unencrypted... s CB tls-uniquez@ server: read CB tls-unique from client, sending our CB data... ruúus-asciió óPHAz( server: initiating post handshake auth óHASCERTóTRUE óFALSE óGETCERTs VERIFIEDCHAINrÃÚbigsUNVERIFIEDCHAINZ encryptedZ unencryptedz/ server: read %r (%s), sending back %r (%s)... z Connection reset by peer: zTest server failure: sERROR )$rÜrÅÚstarttls_serverrërEÚstriprÞrƒrrrFrrrÚconnectionchattyrprsrtrrryrfÚverify_client_post_handshaker r²rr¹Úget_verified_chainrXÚto_bytesÚget_unverified_chainr¿rêrQÚConnectionErrorÚprintrÝrv)r­ÚmsgÚstrippedrÉrfrQZcertsZctyper r r!Úrunà s¼ ü    ÿ    €    $€ÿ          ÿÿ€  ÿÿ€ï·z(ThreadedEchoServer.ConnectionHandler.runN) rÏrÐrÑrÏrárërErtrFrr r r r!ÚConnectionHandler s = rNTFc Csà| r| |_n8t |dur|ntj¡|_|dur|ntj|j_|r&|j |¡|r.|j |¡|r6|j |¡| r>|j  | ¡||_ ||_ ||_ t   ¡|_t |j¡|_d|_d|_g|_g|_g|_tj |¡d|_d|_dSrÛ)r‘r r`rUr‰r‹rŒrÚset_alpn_protocolsrKrêrùr÷r¹rrrÂrÆÚflagÚactiverärÆrérßràrárâÚ _in_context) r­Z certificateÚ ssl_versionÚcertreqsÚcacertsrêrùr÷Zalpn_protocolsr‚r‘r r r!ráA s>ÿþ ÿ       zThreadedEchoServer.__init__cCs0|jrtdƒ‚d|_| t ¡¡|j ¡|S)Nz&Re-entering ThreadedEchoServer contextT)rršÚstartrßÚEventrÚwaitr¬r r r!r‹d s  zThreadedEchoServer.__enter__cGsd|_| ¡| ¡dS©NF)rÚstopr©r­rdr r r!rŒl s zThreadedEchoServer.__exit__cCs$|jstdƒ‚||_tj |¡dS)Nú4ThreadedEchoServer must be used as a context manager)rršrrßràr ©r­rr r r!r r s ÿzThreadedEchoServer.startc CsF|jstdƒ‚|j d¡|j d¡d|_|jr|j ¡|jrz*|j ¡\}}t j r;|j r;t j  dt|ƒd¡| |||¡}| ¡| ¡WnNtyj}zt j r`t j  d|›d¡WYd}~n4d}~wtyv| ¡Yn$ty™}zt j r|j rt j  dt|ƒd¡WYd}~nd}~ww|js!| ¡dS) Nrgð?r»Tz server: new connection from rËz connection timeout z connection handling failed: )rršrr+Úlistenrrrr4rrrrêrprsrtryrr rÚ TimeoutErrorÚKeyboardInterruptrÚ BaseExceptionrF)r­ZnewconnZconnaddrÚhandlerrfr r r!ry sHÿ    ÿÿ €   ÿ€þò zThreadedEchoServer.runcCs"|jdur|j ¡d|_dSdSr)rrFr¬r r r!rF˜ s   þzThreadedEchoServer.closecCs d|_dSr)rr¬r r r!r ó zThreadedEchoServer.stop) NNNNTFFNNNr) rÏrÐrÑrßràrrár‹rŒr rrFrr r r r!rÌ sA ü#  rÌc@sXeZdZGdd„dejƒZdd„Zdd„Zdd„Zd d „Z dd d „Z dd„Z dd„Z d S)ÚAsyncoreEchoServerc@s6eZdZGdd„dejƒZdd„Zdd„Zdd„Zd S) zAsyncoreEchoServer.EchoServerc@s<eZdZdd„Zdd„Zdd„Zdd„Zd d „Zd d „Zd S)z/AsyncoreEchoServer.EchoServer.ConnectionHandlercCs4t|d|dd|_tj ||j¡d|_| ¡dS)NTF)r…rƒro)r’r¹ÚasyncoreÚdispatcher_with_sendráÚ_ssl_acceptingÚ_do_ssl_handshake)r­Úconnrƒr r r!rᨠsþ z8AsyncoreEchoServer.EchoServer.ConnectionHandler.__init__cCs6t|jtjƒr|j ¡dkr| ¡|j ¡dksdS)NrT)rQr¹r rºr}Zhandle_read_eventr¬r r r!Úreadable° s ÿz8AsyncoreEchoServer.EchoServer.ConnectionHandler.readablec Cs¨z|j ¡WnGtjtjfyYdStjy"| ¡YStjy*‚tyN}z|j dt j krC| ¡WYd}~SWYd}~dSd}~wwd|_ dS)NrF) r¹rnr rmr•rÍÚ handle_closer²rrdrAZ ECONNABORTEDr©r­Úerrr r r!r¶ s ÿ€ÿ zAAsyncoreEchoServer.EchoServer.ConnectionHandler._do_ssl_handshakecCsX|jr | ¡dS| d¡}tjrtj dt|ƒ¡|s#|  ¡dS|  |  ¡¡dS)NrËz server: read %s from client ) rrrrrrrprsrtryrFr!r¿)r­rÉr r r!Ú handle_readÅ s   z;AsyncoreEchoServer.EchoServer.ConnectionHandler.handle_readcCs(| ¡tjrtj d|j¡dSdS)Nz server: closed connection %s )rFrrrrprsrtr¹r¬r r r!r Ñ sÿz)Ú __class__rÏrÅr¬r r r!Ú__str__ð szAsyncoreEchoServer.__str__cCs| t ¡¡|j ¡|Sr)r rßr rr r¬r r r!r‹ó s zAsyncoreEchoServer.__enter__cGsVtjr tj d¡| ¡tjrtj d¡| ¡tjr#tj d¡tjdddS)Nz cleanup: stopping server. z! cleanup: joining server thread. z cleanup: successfully joined. T)Z ignore_all) rrrrprsrtrrrZ close_allrr r r!rŒø s   zAsyncoreEchoServer.__exit__NcCs||_tj |¡dSr)rrßràr rr r r!r  szAsyncoreEchoServer.startcCsBd|_|jr |j ¡|jrzt d¡WnY|jsdSdS)NTrÃ)rrrrZloopr¬r r r!r s üzAsyncoreEchoServer.runcCsd|_|j ¡dSr)rrÅrFr¬r r r!r szAsyncoreEchoServer.stopr) rÏrÐrÑrr'r)rár+r‹rŒr rrr r r r!r  sD  rrÊFc Csˆi}t||dd}|¯|jt ¡||dŠ} |  t|jf¡|t|ƒt|ƒfD]C} |r7tj r7t j   d|¡|   | ¡|   ¡} |rMtj rMt j   d| ¡| | ¡krktd| dd…t| ƒ|dd… ¡t|ƒfƒ‚q(|   d ¡|r|tj r|t j   d ¡| |  ¡|  ¡|  ¡|  ¡|  ¡| j| jd œ¡|  ¡Wdƒn1s£wY|j|d <|j|d <Wdƒ|S1s½wY|S)zW Launch a server, connect a client to it and try various reads and writes. F©r‘rêrù)r†Úsessionú client: sending %r... ú client: read %r ú4bad data <<%r>> (%d) received; expected <<%r>> (%d) Néóover ú client: closing connection. )Ú compressionrÅÚpeercertÚclient_alpn_protocolr5Úsession_reusedr-Úserver_alpn_protocolsÚserver_shared_ciphers)rÌrŽr¹r=r>rÆrÇrrrrrprsrtrEr¿ÚAssertionErrorrXr’r4rÅrrår5r7r-rFrärÆ) rržÚindatarêrùÚsni_namer-rQrÅr¼ÚargÚoutdatar r r!Úserver_params_test shþ ÿÿ  ÿÿÿÿ  ù á  Þ#Ý#r?c Cs|durtj}tjdtjdtjdi|}tjr.|rdpd}tj |t  |¡t  |¡|f¡t   ¡ t  |¡}|j |O_ t  |¡} | j |O_ Wdƒn1sUwYt |d¡} | durŠt| dƒrŠ|tjkrŠ| j| krŠt   ¡ | | _Wdƒn1s…wY|jtjkr•| d¡t| |ƒ|| fD]} || _|  t¡|  t¡qžz t|| d d d } Wn)tjyÆ|rÂYdStyá} z|sÕ| jtjkrÖ‚WYd} ~ dSd} ~ ww|sòt d t  |¡t  |¡fƒ‚|d ur|| d kr t d|| d fƒ‚dSdS)a< Try to SSL-connect using *client_protocol* to *server_protocol*. If *expect_success* is true, assert that the connection succeeds, if it's false, assert that the connection fails. Also, if *expect_success* is a string, assert that it is the protocol version actually used by the connection. Nr‰r¡r¢z %s->%s %s z {%s->%s} %s rIrÚF)rêrùz5Client protocol %s succeeded with server protocol %s!Tr5z%version mismatch: expected %r, got %r)!r r‰r¡r¢rrrrprsrtZget_protocol_namerrÅr`r3ÚPROTOCOL_TO_TLS_VERSIONr‡rJrTrIrYrKrNr‹rr•rŒr›r?r²rrAÚ ECONNRESETr:)Zserver_protocolZclient_protocolÚexpect_successZ certsreqsÚserver_optionsÚclient_optionsZcerttypeZ formatstrrržZ min_versionrMrQrfr r r!Útry_protocol_comboF s† ýü þÿ   û ý   ÿ       ÿÿÿ€ÿÿÿÿ  ÿþrEc@s~eZdZdd„Zdd„Zdd„Zdd„Ze e j d ¡d d „ƒZ d d „Z dd„Z dd„Zdd„Zedƒdd„ƒZdd„Zdd„Zedƒdd„ƒZdd„Zed ƒd!d"„ƒZed#ƒd$d%„ƒZed&ƒd'd(„ƒZed)ƒd*d+„ƒZd,d-„Zd.d/„Zd0d1„Zd2d3„Zd4d5„Zd6d7„Zd8d9„Z d:d;„Z!dd?„Z#d@dA„Z$dBdC„Z%edƒdDdE„ƒZ&ed)ƒed#ƒe'dFdG„ƒƒƒZ(ed&ƒe'dHdI„ƒƒZ)ed)ƒed#ƒe'dJdK„ƒƒƒZ*ed ƒdLdM„ƒZ+dNdO„Z,e dPe j-vdQ¡dRdS„ƒZ.dTdU„Z/e e0e dVƒdW¡dXdY„ƒZ1e 2e3dZ¡d[d\„ƒZ4d]d^„Z5d_d`„Z6dadb„Z7dcdd„Z8dedf„Z9dgdh„Z:didj„Z;dkdl„Zdqdr„Z?dsdt„Z@dudv„ZAdwdx„ZBdydz„ZCd{d|„ZDd}S)~Ú ThreadedTestsc Csðtjr tj d¡tƒ\}}}|jtjtj dt ||dd|dWdƒn1s,wYd|_ |jtj tjd0|  tj ¡}t ||dd|dWdƒn1sXwY| dt|jƒ¡Wdƒn1spwY|jtj tj d/|  tj ¡}t ||dddWdƒn1s˜wY| dt|jƒ¡Wdƒn1s°wY|jtjtjd0|  tj ¡}t ||dddWdƒn1sØwY| dt|jƒ¡WdƒdS1sñwYdS) z2Basic test of an SSL client connecting to a serverrË)r†rÅT)rržrêrùr<NFz@Cannot create a client socket with a PROTOCOL_TLS_SERVER context)rržrêrù)rrrrprsrtrŸr³r rVrUr?rŠrÆr²r{rRr@)r­rržrœrfr r r!Ú test_echo– s`  ýÿýÿþú þÿþû þÿþ"ûzThreadedTests.test_echoc Cs¤tjr tj d¡tƒ\}}}t|dd}|±|jt ¡d|dŽ}|  t |j f¡|  t ¡ | ¡Wdƒn1s?wY| ¡| ¡}| |d¡| ¡}tjrptj t |¡d¡tj dt|ƒd¡d|vr~| d t |¡¡d |dvr‰| d ¡| d |¡| d |¡t |d ¡}t |d ¡} | || ¡Wdƒn1s³wYWdƒdSWdƒdS1sËwYdS)NrËF©r‘rê)ror†úCan't get peer certificate.zConnection cipher is z. r3z$No subject field in certificate: %s.r)zkMissing or invalid 'organizationName' field in certificate subject; should be 'Python Software Foundation'.r1r0)rrrrprsrtrŸrÌrŽr¹r=r>rÆrÆršrrnr rÅrÑrÒrRrör{r r±r) r­rržrœrÅr¼rQrÅÚbeforeZafterr r r!Útest_getpeercert sP    þ  ÿ ÿÿÿ  åÿ"ÿzThreadedTests.test_getpeercertc Cstjr tj d¡tƒ\}}}ttddƒ}| |j tj |B¡t |dd}|3|j t   ¡|d}| t|jf¡| ¡}| |d¡Wdƒn1sNwYWdƒn1s]wY|j tjO_ t |dd}|@|j t   ¡|d'}| tjd¡| t|jf¡Wdƒn1s—wYWdƒn1s¦wYWdƒn1sµwY| t¡t |dd}|<|j t   ¡|d}| t|jf¡| ¡}| |d¡Wdƒn1sîwYWdƒdSWdƒdS1swYdS) NrËrørTrHrkrIr‘)rrrrprsrtrŸrSr r£rùrúrÌrŽr¹r=r>rÆrr rûr´r²rŒÚCRLFILE)r­rržrœrürÅr¼rQr r r!Útest_crl_checkæ s^     ÿü€ÿ  ÿÿþ€þ€ÿ   ÿüÿ$ÿzThreadedTests.test_crl_checkc Csètjr tj d¡tƒ\}}}t|dd}|3|jt ¡|d}|  t |j f¡|  ¡}|  |d¡Wdƒn1s>wYWdƒn1sMwYt|dd}|@|jt ¡dd'}| tjd¡|  t |j f¡Wdƒn1swYWdƒn1sŽwYWdƒn1swYt|dd}|@t ¡#}| td¡ | |¡Wdƒn1sÆwYWdƒn1sÕwYWdƒdSWdƒdS1síwYdS) NrËTrHrkrIriz:Hostname mismatch, certificate is not valid for 'invalid'.z'check_hostname requires server_hostname)rrrrprsrtrŸrÌrŽr¹r=r>rÆrr r´r rSrš)r­rržrœrÅr¼rQr r r!rX sX    ÿü€ÿ  ÿþý€þ€ÿ  ÿ þ€ÿÿ"ÿz!ThreadedTests.test_check_hostnamez)test requires hostname_checks_common_namec CsLtƒ\}}}d|_t|dd}|)|jt ¡|d}| t|jf¡Wdƒn1s.wYWdƒn1s=wYttƒ\}}}d|_t|dd}|H|jt ¡|d&}|  t j ¡| t|jf¡Wdƒn1sxwYWdƒn1s‡wYWdƒdSWdƒdS1sŸwYdS)NFTrHrk) rŸrðrÌrŽr¹r=r>rÆr˜rÆr ÚSSLCertVerificationErrorrÍr r r!ró/ s8   ÿþ€ÿ  ÿÿ€þÿ"ÿz.ThreadedTests.test_hostname_checks_common_namec Csüt tj¡}| t¡| d¡t}t tj¡}| t ¡t |dd}|O|j t   ¡|d-}|  t|jf¡| ¡}| |d¡| ¡d d¡}| |dd…d ¡Wdƒn1s_wYWdƒdSWdƒdS1swwYdS© NzECDHE:ECDSA:!NULL:!aRSATrHrkrIrú-r˜)ZECDHEZECDSA)r r`rVrŒr›rKÚSIGNED_CERTFILE_ECC_HOSTNAMErUrÚSIGNED_CERTFILE_ECCrÌrŽr¹r=r>rÆrr rÅÚsplit©r­rrœržrÅr¼rQrÅr r r!Ú test_ecc_certG s*       ÿ úÿ"ÿzThreadedTests.test_ecc_certc Cst tj¡}| t¡tjj|_| d¡t }t tj ¡}|  t ¡|  t ¡t|dd}|O|jt ¡|d-}| t|jf¡| ¡}| |d¡| ¡d d¡}| |dd…d ¡Wdƒn1siwYWdƒdSWdƒdS1swYdSrO)r r`rVrŒr›r r_r\rKrQrUrrRr•rÌrŽr¹r=r>rÆrr rÅrSrTr r r!Útest_dual_rsa_ecc\ s.         ÿ úÿ"ÿzThreadedTests.test_dual_rsa_eccc Cs¸tjr tj d¡t tj¡}| t ¡t tj ¡}tj |_ d|_ | t¡gd¢}|D]U\}}t|dd}|A|jt ¡|d(}| |j|¡| t|jf¡| ¡}| |j|¡| |d¡Wdƒn1smwYWdƒn1s|wYq,t|dd}|H|jt ¡dd&}| tj¡| t|jf¡Wdƒn1s®wYWdƒn1s½wYWdƒdSWdƒdS1sÕwYdS)NrËT))ukönig.idn.pythontest.netúxn--knig-5qa.idn.pythontest.net)rWrW)sxn--knig-5qa.idn.pythontest.netrW)u(königsgäßchen.idna2003.pythontest.netú.xn--knigsgsschen-lcb0w.idna2003.pythontest.net)rXrX)s.xn--knigsgsschen-lcb0w.idna2003.pythontest.netrX)ú.xn--knigsgchen-b4a3dun.idna2008.pythontest.netrY)s.xn--knigsgchen-b4a3dun.idna2008.pythontest.netrYrHrkrIzpython.example.org)rrrrprsrtr r`rUrÚ IDNSANSFILErVr¢r‹rŠrŒr›rÌrŽr¹r£r†r=r>rÆrr rÆrS) r­ržr‘Z idn_hostnamesr†Zexpected_hostnamerÅr¼rQr r r!Útest_check_hostname_idnv sN        ÿú€ÿ€  ÿÿ€þÿ"ÿz%ThreadedTests.test_check_hostname_idnc CsDtƒ\}}}| t¡tj|_tjj|_t |ddd}|{|j t   ¡|dY}z |  t |jf¡WnAtjyP}ztjrFtj d|¡WYd}~n-d}~wtys}z|jtjkr^‚tjritj d|¡WYd}~n d}~ww| d¡Wdƒn1sƒwYWdƒdSWdƒdS1s›wYdS)zÇConnecting when the server rejects the client's certificate Launch a server with CERT_REQUIRED, and check that trying to connect to it with a wrong client certificate fails. Tr,rkú SSLError is %r Nú socket.error is %r ú'Use of invalid cert should have failed!)rŸrrÍr r¢r‹r r_r\rÌrŽr¹r=r>rÆr²rrrrprsrtrrArArö©r­rržrœrÅr¼rfr r r!Útest_wrong_cert_tls12® s:   ÿ ÿÿ€ €ü €Pïz#ThreadedTests.test_wrong_cert_tls12rôc Csxtƒ\}}}| t¡tj|_tjj|_tjj|_t |ddd}||j t   ¡|ddm}|  t |jf¡z| d¡| d¡| d¡| d¡WnAtjyj}ztjr`tj d|¡WYd}~n-d}~wty}z|jtjkrx‚tjrƒtj d |¡WYd}~n d}~ww| d ¡Wdƒn1swYWdƒdSWdƒdS1sµwYdS) NTr,F©r†Úsuppress_ragged_eofsódatarsshould have failed alreadyr\r]r^)rŸrrÍr r¢r‹r rôrIrÌrŽr¹r=r>rÆrtrEr²rrrrprsrrArArör_r r r!Útest_wrong_cert_tls13Ó sF    ÿ þÿ   € €ü €Pìz#ThreadedTests.test_wrong_cert_tls13cszt ¡‰t ¡‰t ¡‰t ˆt¡‰‡‡‡fdd„}‡‡‡‡fdd„}tj|d}| ¡z |ƒW| ¡dS| ¡w)ztA brutal shutdown of an SSL server should raise an OSError in the client when attempting handshake. cs8ˆ ¡ˆ ¡ˆ ¡\}}| ¡ˆ ¡ˆ ¡dSr)rrr4rF)ZnewsockrÝ)Ú listener_goneÚlistener_readyr¼r r!Úlistener s   z2ThreadedTests.test_rude_shutdown..listenerc s†ˆ ¡t ¡1}| tˆf¡ˆ ¡zt|ƒ}Wn ty#Ynwˆ d¡WdƒdSWdƒdS1sr’rrö)rsr©)rerfrÆr­r r!Ú connector s   ÿ ø"úz3ThreadedTests.test_rude_shutdown..connector©ÚtargetN) rßr r¹rrÂr>ràr r)r­rgrhr r )rerfrÆr¼r­r!Útest_rude_shutdownõ s  z ThreadedTests.test_rude_shutdownc Cs6tjr tj d¡t tj¡}| t ¡t tj ¡}t |dd}|o|j t   ¡tdM}z | t|jf¡Wn:tjyq}z-d}| |tj¡| |jd¡| |j|¡| |t|ƒ¡| dt|ƒ¡WYd}~nd}~wwWdƒn1s|wYWdƒdSWdƒdS1s”wYdS)NrËTrHrkz&unable to get local issuer certificater1r‘)rrrrprsrtr r`rUrr•rVrÌrŽr¹rˆr=r>rÆr²rrNr£Z verify_codeZverify_messager{ry)r­ržr‘rÅr¼rfrr r r!Útest_ssl_cert_verify_error s6      ÿ€ú€üÿ"ÿz(ThreadedTests.test_ssl_cert_verify_errorr[cCs²tjr tj d¡ttjtjdƒttjtjdtjƒttjtjdtj ƒttjtj dƒt dƒr9ttjtj dƒttjtj dƒttjtj dtjdttjtj dtjddS)z9Connecting to an SSLv2 server with various client optionsrËTFr©rDN)rrrrprsrtrEr ÚPROTOCOL_SSLv2r¡r¢rTrWÚPROTOCOL_SSLv3rr§r¨r¬r r r!Útest_protocol_sslv25 s  ÿ  ÿz!ThreadedTests.test_protocol_sslv2c Cs¦tjr tj d¡tdƒr7z ttjtj dƒWnt y6}ztjr,tj dt |ƒ¡WYd}~nd}~wwtdƒrCttjtj dƒttjtjdƒtdƒrWttjtj dƒtdƒrettjtj dtjƒttjtjdtjƒtdƒr}ttjtj dtjƒtdƒr‹ttjtj dtjƒttjtjdtjƒtdƒr£ttjtj dtjƒtdƒr²ttjtj dtjd ttjtjdtjtjBd tdƒrÑttjtj dtjd dSdS) z:Connecting to an SSLv23 server with various client optionsrËr[Tz; SSL2 client to SSL23 server test unexpectedly failed: %s NrFr)rC)rrrrprsrtrWrEr rTrnrrRrorr¡r¢r§r¦r¨)r­rÙr r r!Útest_PROTOCOL_TLSG sR ÿÿ€ý ÿ  ÿ  ÿÿzThreadedTests.test_PROTOCOL_TLSrcCsŒtjr tj d¡ttjtjdƒttjtjdtjƒttjtjdtj ƒt dƒr1ttjtj dƒttjtj dtj dttjtjdƒdS)z9Connecting to an SSLv3 server with various client optionsrËrr[FrmN)rrrrprsrtrEr ror¡r¢rWrnrTr§rr¬r r r!Útest_protocol_sslv3q s  ÿz!ThreadedTests.test_protocol_sslv3rcCs”tjr tj d¡ttjtjdƒttjtjdtjƒttjtjdtj ƒt dƒr1ttjtj dƒt dƒr=ttjtj dƒttjtj dtjddS)z8Connecting to a TLSv1 server with various client optionsrËrr[FrrmN)rrrrprsrtrEr rr¡r¢rWrnrorTr¨r¬r r r!Útest_protocol_tlsv1 s   ÿz!ThreadedTests.test_protocol_tlsv1rcCsœtjr tj d¡ttjtjdƒtdƒrttjtj dƒtdƒr)ttjtj dƒttjtj dtj dttj tjdƒttjtj dƒttj tjdƒdS)zjConnecting to a TLSv1.1 server with various client options. Testing against older TLS versions.rËúTLSv1.1r[FrrmN)rrrrprsrtrEr rrWrnrorTrªr0r¬r r r!Útest_protocol_tlsv1_1Ž s  ÿz#ThreadedTests.test_protocol_tlsv1_1r_cCsêtjr tj d¡ttjtjdtjtj Btjtj Bdt dƒr(ttjtj dƒt dƒr4ttjtj dƒttjtj dtjdttj tjdƒttjƒr\ttjtjdƒttjtjdƒttjƒrsttjtjdƒttjtjdƒdSdS) zjConnecting to a TLSv1.2 server with various client options. Testing against older TLS versions.rËúTLSv1.2)rCrDr[FrrmN)rrrrprsrtrEr r0r§r¦rWrnrorTr«rZrrr¬r r r!Útest_protocol_tlsv1_2  s*    þ ÿ  þz#ThreadedTests.test_protocol_tlsv1_2c Cs¢d}ttdddd}d}|¹t ¡}| d¡| t|jf¡tjr)t j   d¡|D]j}tjr8t j   d|¡|rD|  |¡|  ¡}n |  |¡| d¡}| ¡ ¡}|dkro| d ¡rotjrht j   d |¡t|ƒ}d}q+|d krŠ| d ¡rŠtjrƒt j   d |¡| ¡}d}q+tjr•t j   d |¡q+tjrŸt j   d¡|r§|  d¡n|  d¡|r³| ¡n | ¡WdƒdSWdƒdS1sÊwYdS)z6Switching from clear text to encrypted and back again.)smsg 1sMSG 2rìsMSG 3smsg 4rîsmsg 5smsg 6T)r÷rêrùFrËr.rËrìsokz/ client: read %r from server, starting TLS... rîz- client: read %r from server, ending TLS... z client: read %r from server r3r2N)rÌrÍr¹rlr=r>rÆrrrrprsrtrEr!rrør¿rõr’rƒrF) r­ZmsgsrÅÚwrappedr¼r;rr>rr r r!Ú test_starttls¸ stý  ÿ     ÿÿÿÿÿ€     Ò,"ÔzThreadedTests.test_starttlscCsüt|td}tjrtj d¡ttdƒ }|  ¡}Wdƒn1s#wYd}d|j t j   t¡df}tjtd}tjj||d }z+| ¡ d ¡}|rkt|ƒd krk|  t|ƒ¡}tjrktj d t|ƒ|f¡W| ¡n| ¡w| ||¡dS) z8Using socketserver to create and manage SSL connections.r;rËÚrbNrzhttps://localhost:%d/%srér‚rÊzcontent-lengthrz/ client: read %d bytes from remote server '%s' )rÚr•rrrrprsrtrDrÍrErÆrrrSr rTr›ÚurllibÚrequestÚurlopenÚinfor‡rrXrFr£)r­rÅrGrùrúÚurlr‘Zdlenr r r!Útest_socketserverñ s2    ÿÿ  ÿÿ€zThreadedTests.test_socketserverc Cs&tjr tj d¡d}ttƒ}|xtt ¡ƒ}|  d|j f¡tjr+tj d|¡| |¡|  ¡}tjr?tj d|¡||  ¡kr^|  d|dd…t|ƒ|dd…  ¡t|ƒf¡| d ¡tjrltj d ¡| ¡tjrtj d ¡WdƒdSWdƒdS1sŒwYdS) z'Check the example asyncore integration.rËrÊrïr.r/r0Nr1r2r3z client: connection closed. )rrrrprsrtrrÍr’r¹r=rÆrEr¿rörXrF)r­r;rÅr¼r>r r r!Útest_asyncore_server s@  ÿ  ÿÿÿ  ì"íz"ThreadedTests.test_asyncore_serverc sÊtjr tj d¡tttjtj tddd}|Ât t   ¡dtttjd‰ˆ  t |jf¡‡fdd„}‡fdd „}d ˆjdgtfd ˆjdd gtfd ˆjdgdd„fg}dˆjdgfdˆjdd gfd|dgfd|dgfg}d}|D]x\}}} } } || d¡} z<|| g| ¢RŽ} d |¡}|j| | | ƒ|dˆ ¡}||  ¡kr¹| dj||dd…t|ƒ| dd…t| ƒd¡Wqptyè}z"| rÍ| dj|d¡t|ƒ |¡sÞ| dj||d¡WYd}~qpd}~ww|D]m\}}} } || d¡} z+ˆ | ¡|| Ž}||  ¡kr"| d j||dd…t|ƒ| dd…t| ƒd¡WqëtyX}z(| r8| d!j|d¡t|ƒ |¡sJ| dj||d¡ˆ ¡WYd}~qëd}~wwd"}ˆ |¡tt|ƒƒ}| ˆ d#|¡t|ƒ¡| ||¡tdur–tj t|ƒ}| !|¡}ˆ |¡| ˆ ¡|¡| "t#ˆj$¡| "t#ˆj%d"g¡| "t#ˆj&d$¡| "t#ˆj'td$ƒg¡ˆ d%¡| "tˆjd#¡| "tˆjd#¡ˆ (¡WdƒdS1sÞwYdS)&z Test recv(), send() and friends.rËTF©r rr rêrù©r…rƒrr€cstdƒ}ˆ |¡}|d|…S©Nsd)rÇr)Úbr£©r¼r r!Ú _recv_into;s  z0ThreadedTests.test_recv_send.._recv_intocs"tdƒ}ˆ |¡\}}|d|…Sr…)rÇr )r†r£rÝr‡r r!Ú_recvfrom_into@s z4ThreadedTests.test_recv_send.._recvfrom_intor!r"z some.addressr½cSrOrr )rÙr r r!ÚIóz.ThreadedTests.test_recv_send..rrrr ZPREFIX_rVzsending with {}©rzpWhile sending with <<{name:s}>> bad data <<{outdata:r}>> ({nout:d}) received; expected <<{indata:r}>> ({nin:d}) Nr1)rr>Znoutr;Zninz>Failed to send with method <<{name:s}>>; expected to succeed. rzFMethod <<{name:s}>> failed with unexpected exception message: {exp:s} )rÚexpzrWhile receiving with <<{name:s}>> bad data <<{outdata:r}>> ({nout:d}) received; expected <<{indata:r}>> ({nin:d}) zAFailed to receive with method <<{name:s}>>; expected to succeed. rcrœrr2))rrrrprsrtrÌrÍr r‰rUr’r¹r=r>rÆr!rXr"r½rrrfÚformatr£rEr¿röršrRrõrÇÚctypesZc_ubyteZfrom_buffer_copyrÆr#r$r%r&r'rF)r­rÅrˆr‰Z send_methodsZ recv_methodsZ data_prefixZ meth_nameZ send_methrBrdZ ret_val_methr;rÁrr>rfZ recv_methrÉÚbufferZubyteZ bytesliker r‡r!Útest_recv_send(sê ûü  ý   üÿ   ûÿ€ ÿÿþÿ€ù  ûÿ€ ÿÿþÿ€ò       ÿ  $…zThreadedTests.test_recv_sendcCsÆttƒ}| ¡| |jdd¡t t|jf¡}| |j ¡t |dd}| |j ¡|  d¡|  |  d¡d¡|  | d¡d¡|  | ¡d¡| d¡|  |  d¡d¡|  | tƒ¡d¡dS)NF)rbrcrrË)rÌrÍr‹rErŒr¹rkr>rÆrFr’r!r£rrErlrrÇ)r­rÅr¼r r r!Útest_recv_zero°s     zThreadedTests.test_recv_zerocs°tttjtjtddd}|@tt ¡dtttjd‰ˆ t|j f¡ˆ  d¡t dƒ‰‡‡fdd„}|  tj tjf|¡ˆ  d¡ˆ ¡WdƒdS1sQwYdS)NTFrƒr„i cs ˆ ˆ¡qr)r!r ©rÂr¼r r!Ú fill_buffer×s ÿz8ThreadedTests.test_nonblocking_send..fill_buffer)rÌrÍr r‰rUr’r¹r=r>rÆrlrÇrÆr•rmrF)r­rÅr”r r“r!Útest_nonblocking_sendÄs4ûü ÿÿ  "ìz#ThreadedTests.test_nonblocking_sendcst tj¡‰d}t ˆ¡}t ¡‰d‰‡‡‡fdd„}tj|d}| ¡ˆ ¡zYz t tj¡}|  d¡|  ||f¡|  t dt |¡W| ¡n| ¡wz t tj¡}t |ƒ}|  d¡|  t d|j ||f¡W| ¡n| ¡wWd‰| ¡ˆ ¡dSd‰| ¡ˆ ¡w) NrïFcsdˆ ¡ˆ ¡g}ˆs't ˆgggd¡\}}}ˆ|vr%| ˆ ¡d¡ˆr |D]}| ¡q)dS)Nr¶r)rrr”r§r4rF)ZconnsròÚwrfr©ZfinishrÅÚstartedr r!Úserveésû ÿz3ThreadedTests.test_handshake_timeout..serverir´z timed outT)r¹rrrÂrßr ràr r r+r=r´rr’rFr)r­rdrÆr™r rsr r—r!Útest_handshake_timeoutás@     ÿ   ÿ þ z$ThreadedTests.test_handshake_timeoutc sötƒ\}}}t tj¡‰d}t ˆ¡}|jˆdd‰| ˆj¡t  ¡‰d‰d‰‡‡‡‡fdd„}tj |d}|  ¡ˆ  ¡|jt ¡|d}|  ||f¡| d¡| ¡| ¡} | ¡| ¡ˆ ¡ˆ ¡| ˆtj¡| ˆ| ¡dS) NrïTr9cs0ˆ ¡ˆ ¡ˆ ¡\‰‰ˆ ˆ d¡¡dS)Nrü)rrr4r!rr ©ZevtZpeerZremoterÅr r!r™s z/ThreadedTests.test_server_accept..serverirkrc)rŸr¹rrrÂrŽr r…rßr ràr r r=r!rrqrFrrr rºr£) r­r„r…rœrdrÆr™r r†Z client_addrr r›r!Útest_server_accepts4     ÿ z ThreadedTests.test_server_acceptc CóŠt tj¡}d|_| t ¡¡+}| t¡ }| ¡Wdƒn1s%wY|  |j j t j ¡WdƒdS1s>wYdSr) r r`rVrŠrŽr¹rÆrrr£r@rAÚENOTCONN©r­r‘rr6r r r!Útest_getpeercert_enotconn:ó   ÿ"ýz'ThreadedTests.test_getpeercert_enotconnc Crr) r r`rVrŠrŽr¹rÆrrnr£r@rAržrŸr r r!Útest_do_handshake_enotconnBr¡z(ThreadedTests.test_do_handshake_enotconnc CsÖtƒ\}}}tjj|_| d¡| d¡t|d>}|jt ¡|d%}|  t ¡|  t |j f¡Wdƒn1s=wYWdƒn1sLwYWdƒn1s[wY| d|jd¡dS)NZAES128ÚAES256rÊrkzno shared cipherr)rŸr r r_r\rKrÌrŽr¹rÆrr=r>rÆr{rérÍr r r!Útest_no_shared_ciphersJs"      ÿ ÿ€þ€ÿz$ThreadedTests.test_no_shared_ciphersc CsÚt tj¡}d|_tj|_tttjddN}|  t   ¡¡'}|  |  ¡d¡|  |j d¡| t|jf¡| |  ¡d¡Wdƒn1sGwY|  |j d¡|  |  ¡d¡WdƒdS1sfwYdS)zt Basic tests for SSLSocket.version(). More tests are done in the test_protocol_*() methods. F)rrêNúTLSv1.3)r r`rVrŠr‰r‹rÌrÍrUrŽr¹r¾r5r¹r=r>rÆr£)r­r‘rÅr¼r r r!Útest_version_basicXs" þü"÷z ThreadedTests.test_version_basicc CsÀtƒ\}}}tjj|_t|dF}|jt ¡|d$}| t |j f¡|  |  ¡dhd£¡|  | ¡d¡Wdƒn1sAwYWdƒdSWdƒdS1sYwYdS)NrÊrkr>ZTLS_AES_128_GCM_SHA256ZTLS_AES_256_GCM_SHA384ZTLS_CHACHA20_POLY1305_SHA256r¥)rŸr r rôrIrÌrŽr¹r=r>rÆr{rÅr£r5rÍr r r!Ú test_tls1_3ks    ÿøÿ"ÿzThreadedTests.test_tls1_3c CsÆtƒ\}}}tjj|_tjj|_tjj|_tjj|_t|d:}|jt   ¡|d}|  t |j f¡|  | ¡d¡Wdƒn1sDwYWdƒdSWdƒdS1s\wYdS)NrÊrkrv)rŸr r rrIr_r\rÌrŽr¹r=r>rÆr£r5rÍr r r!Útest_min_max_version_tlsv1_2zs       ÿýÿ"ÿz*ThreadedTests.test_min_max_version_tlsv1_2c CsÐtƒ\}}}tjj|_tjj|_tjj|_tjj|_t||ƒt |d:}|j t   ¡|d}|  t |jf¡| | ¡d¡Wdƒn1sIwYWdƒdSWdƒdS1sawYdS)NrÊrkrt)rŸr r rrIr_r\rrNrÌrŽr¹r=r>rÆr£r5rÍr r r!Útest_min_max_version_tlsv1_1Œs"        ÿýÿ"ÿz*ThreadedTests.test_min_max_version_tlsv1_1c Csþtƒ\}}}tjj|_tjj|_tjj|_tjj|_t||ƒt|dQ}|j t   ¡|d/}|  tj ¡}|  t|jf¡Wdƒn1sHwY| dt|jƒ¡Wdƒn1s`wYWdƒdSWdƒdS1sxwYdS)NrÊrkZalert)rŸr r r_r\rIrrNrÌrŽr¹rÆr²r=r>rÆr{rRr@r_r r r!Útest_min_max_version_mismatchs&        ÿÿüÿ"ÿz+ThreadedTests.test_min_max_version_mismatchc CsÆtƒ\}}}tjj|_tjj|_tjj|_t||ƒt|d:}|jt   ¡|d}|  t |j f¡|  | ¡d¡Wdƒn1sDwYWdƒdSWdƒdS1s\wYdS)NrÊrkr)rŸr r rrIr\rNrÌrŽr¹r=r>rÆr£r5rÍr r r!Útest_min_max_version_sslv3°s       ÿýÿ"ÿz(ThreadedTests.test_min_max_version_sslv3c Cs¬tƒ\}}}tjj|_t|d<}|jt ¡|d}| t |j f¡|  d|  ¡d¡Wdƒn1s7wYWdƒdSWdƒdS1sOwYdS)NrÊrkZECDHr) rŸr r r_r\rÌrŽr¹r=r>rÆr{rÅrÍr r r!Útest_default_ecdh_curve¾s    ÿýÿ"ÿz%ThreadedTests.test_default_ecdh_curverurvc Cstjr tj d¡tƒ\}}}t|ddd}|ß|jt ¡|dS}|  t |j f¡|  d¡}tjrrÆrrrŽrÇr5r£rXrErøryrfÚassertNotEqual) r­rržrœrÅr¼Zcb_dataZpeer_data_reprZ new_cb_datar r r!rxÏsp  þþ ÿ     ÿìþ ÿÿ      ÿíç"çz-ThreadedTests.test_tls_unique_channel_bindingcCsRtƒ\}}}t||dd|d}tjrtj d |d¡¡| |dhd£¡dS)NT©rêrùr<z got compression: {!r} r4>NZZLIBZRLE) rŸr?rrrrprsrtrŽr{©r­rržrœrQr r r!Útest_compression s þzThreadedTests.test_compressionr>z*ssl.OP_NO_COMPRESSION needed for this testcCsRtƒ\}}}|jtjO_|jtjO_t||dd|d}| |dd¡dS)NTr°r4)rŸr3r r>r?r¾r±r r r!Útest_compression_disableds þz'ThreadedTests.test_compression_disabledr-cCs–tƒ\}}}tjj|_| t¡| d¡tjj|_t||dd|d}|dd}|  d¡}d|vrEd|vrGd |vrI|  d |d¡dSdSdSdS) NZkEDHTr°rÅrrPZADHZEDHZDHEzNon-DH cipher: ) rŸr r r_r\r/r0rKr?rSrö)r­rržrœrQrÅÚpartsr r r!Útest_dh_paramss     þ   ÿzThreadedTests.test_dh_paramscCsðtƒ\}}}| d¡| d¡tjj|_t||dd|d}tƒ\}}}| d¡| d¡tjj|_t||dd|d}tƒ\}}}| d¡| d¡| d¡tjj|_| tj ¡t||dd|dWdƒdS1sqwYdS)NZ secp384r1zECDHE:!eNULL:!aNULLTr°r:) rŸr=rKr r r_rIr?rÆr²r±r r r!Útest_ecdh_curve0s6    þ    þ     þ"ÿzThreadedTests.test_ecdh_curvecCs2tƒ\}}}t||dd|d}| |dd¡dS)NTr°r6)rŸr?r¾r±r r r!Útest_selected_alpn_protocolOs þz)ThreadedTests.test_selected_alpn_protocolcCs@tƒ\}}}| ddg¡t||dd|d}| |dd¡dS)Nr;ÚbarTr°r6)rŸrr?r¾r±r r r!Ú/test_selected_alpn_protocol_if_server_uses_alpnWs þz=ThreadedTests.test_selected_alpn_protocol_if_server_uses_alpnc Csgd¢}ddgdfddgdfdgdfddgdfg}|D]j\}}tƒ\}}}| |¡| |¡z t||dd|d}WntjyO} z| }WYd} ~ nd} ~ wwd t|ƒt|ƒt|ƒf} |d } | | || | d f¡t|d ƒrx|d d nd} | | || | df¡qdS)N)r;r¸Ú milkshaker;r¸rºzhttp/3.0zhttp/4.0Tr°zKfailed trying %s (s) and %s (c). was expecting %s, but got %%s from the %%sr6r†r8rœZnothingrÅ)rŸrr?r r²rRr£rX) r­Zserver_protocolsZprotocol_testsZclient_protocolsr¤rržrœrQrfrZ client_resultZ server_resultr r r!Útest_alpn_protocols`sL   ü     ü€ÿ ÿþ ÿ ÿÿ ÿéz!ThreadedTests.test_alpn_protocolscCrOrr r¬r r r!Útest_npn_protocols‚r‹z ThreadedTests.test_npn_protocolscCsLt tj¡}| t¡t tj¡}| t¡t tj¡}| t¡|||fSr) r r`rUrr•r–rVrŒr›)r­ržÚ other_contextrr r r!Ú sni_contexts…s       zThreadedTests.sni_contextscCs"|d}| d|ff|d¡dS)Nr5r+r3)r{)r­rQrrQr r r!Úcheck_common_nameŽszThreadedTests.check_common_namecsÊg‰| ¡\}‰}d|_‡‡fdd„}| |¡t||ddd}| ˆd|fg¡| |d¡g‰t||ddd}| ˆd|fg¡| |t¡g‰| d¡t||ddd}| |t¡| ˆg¡dS) NFcs$ˆ ||f¡|durˆ|_dSdSr)r§r‘r¨©Zcallsr½r r!r«˜s ÿz6ThreadedTests.test_sni_callback..servername_cbTÚ supermessage©rêr<r:Znotfunny)r¾rŠrBr?r£r¿rˆ)r­ržrr«rQr rÀr!rC’s4 þ þ  þ zThreadedTests.test_sni_callbackcCsp| ¡\}}}dd„}| |¡| tj¡}t||ddd}Wdƒn1s)wY| |jjd¡dS)NcSstjSr)r ZALERT_DESCRIPTION_ACCESS_DENIEDr¨r r r!Úcb_returning_alert¾szAThreadedTests.test_sni_callback_alert..cb_returning_alertFrÁrÂZTLSV1_ALERT_ACCESS_DENIED) r¾rBrÆr r²r?r£r@ri)r­ržr½rrÃr6rQr r r!Útest_sni_callback_alertºs þÿz%ThreadedTests.test_sni_callback_alertc Cóª| ¡\}}}dd„}| |¡t ¡7}| tj¡}t||ddd}Wdƒn1s.wY| |j j d¡| |j j t ¡WdƒdS1sNwYdS)NcSs dddS)NrÃrr r¨r r r!Ú cb_raisingËr¾z;ThreadedTests.test_sni_callback_raising..cb_raisingFrÁrÂZSSLV3_ALERT_HANDSHAKE_FAILURE)r¾rBrÚcatch_unraisable_exceptionrÆr r²r?r£r@riÚ unraisableÚexc_typeÚZeroDivisionError)r­ržr½rrÆÚcatchr6rQr r r!Útest_sni_callback_raisingÇs  þÿ ÿ"øz'ThreadedTests.test_sni_callback_raisingc CrÅ)NcSr )Nr;r r¨r r r!Úcb_wrong_return_typeÞrPzOThreadedTests.test_sni_callback_wrong_return_type..cb_wrong_return_typeFrÁrÂZTLSV1_ALERT_INTERNAL_ERROR)r¾rBrrÇrÆr r²r?r£r@rirÈrÉrµ)r­ržr½rrÍrËr6rQr r r!Ú#test_sni_callback_wrong_return_typeÙs  þÿ"øz1ThreadedTests.test_sni_callback_wrong_return_typec s†tƒ\}}}| d¡| d¡gd¢}t|||d}|dd}| t|ƒd¡|D]\‰}}t‡fdd„|Dƒƒs@| ˆ¡q+dS) Nz AES128:AES256z AES256:eNULL)r£zAES-256Z TLS_CHACHA20ZTLS_AES©r<r9rc3s|]}|ˆvVqdSrr )râZalgrr r!rãûräz4ThreadedTests.test_shared_ciphers..)rŸrKr?Ú assertGreaterrXÚanyrö) r­rržrœZ expected_algsrQr‚Z tls_versionÚbitsr rr!Útest_shared_ciphersìs   ÿ  €þz!ThreadedTests.test_shared_cipherscCsŒtƒ\}}}t|dd}|.|jt ¡|d}| t|jf¡| ¡| t |j d¡| t |j d¡WdƒdS1s?wYdS)NFrHrkrËshello) rŸrÌrŽr¹r=r>rÆrFrÆršrErtrÍr r r!Ú,test_read_write_after_close_raises_valuerrorþs   ÿ"ùz:ThreadedTests.test_read_write_after_close_raises_valuerrorc Cs&d}ttjdƒ }| |¡Wdƒn1swY| tjtj¡tƒ\}}}t|dd}|V|jt   ¡|d4}|  t |j f¡ttjdƒ}|  |¡| | d¡|¡Wdƒn1sewYWdƒn1stwYWdƒdSWdƒdS1sŒwYdS)NsxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxÚwbFrHrkrzrË)rDrÚTESTFNrtrEÚunlinkrŸrÌrŽr¹r=r>rÆÚsendfiler£r) r­Z TEST_DATArGrržrœrÅr¼Úfiler r r!Ú test_sendfile s, ÿ   ÿ þ€ýÿ"ÿzThreadedTests.test_sendfilec Cs0tƒ\}}}tjj|_t|||d}|d}| |j¡| |j d¡| |j d¡| |j ¡| |j d¡|  |d¡| ¡}| |dd¡| |dd¡t||||d}| ¡}| |dd ¡| |dd¡| |d¡|d}| |j|j¡| ||¡| ||¡| |j |j ¡| |j |j ¡t|||d}|  |d¡|d}| |j|j¡| ||¡| ¡}| |dd ¡| |dd¡t||||d}| |d¡|d} | | j|j¡| | |¡| | j |j ¡| | j |j ¡| ¡}| |dd ¡| |dd ¡dS) NrÏr-rr7r4rÃr5)r-r<r˜rrü)rŸr r r_r\r?r ÚidrÐrxr-Z has_ticketZticket_lifetime_hintrír7r£Z assertIsNotrr¯) r­rržrœrQr-Z sess_statZsession2Zsession3Zsession4r r r!Ú test_sessionsd  ÿ  ÿ  ÿ ÿ zThreadedTests.test_sessionc Cs¨tƒ\}}}tƒ\}}}tjj|_tjj|_t|dd}|*|jt ¡|dG}| |j d¡| |j d¡|  t |j f¡|j }| |¡| t¡ } t|_ Wdƒn1s[wY| t| jƒd¡Wdƒn1sswY|jt ¡|d1}|  t |j f¡| t¡ } ||_ Wdƒn1swY| t| jƒd¡Wdƒn1sµwY|jt ¡|d*}||_ |  t |j f¡| |j j|j¡| |j |¡| |j d¡Wdƒn1sðwY|jt ¡|d2}| t¡} ||_ |  t |j f¡Wdƒn 1swY| t| jƒd¡Wdƒn1s4wYWdƒdSWdƒdS1sMwYdS)NFrHrkzValue is not a SSLSession.z#Cannot set session after handshake.Tz)Session refers to a different SSLContext.)rŸr r r_r\rÌrŽr¹r£r-r7r=r>rÆr rÆrµr+rRr@ršrÛ) r­rržrœZclient_context2r‡rÅr¼r-rfr r r!Útest_session_handlingSsr      ÿ  ÿö ÿ ÿ ÿú ÿø ÿ þ ÿ úà $àz#ThreadedTests.test_session_handlingN)ErÏrÐrÑrGrKrMrXrcrÓr rñrórUrVr[r`rlrdrkrlrprqrrrsrurwryrr‚r‘r’r•ršrœr r¢r¤r¦r§rÒr¨r©rªr«r¬rÔrxr²rJr³rcrdrµr¶r·r¹r»r¼r¾r¿rCrÄrÌrÎrÓrÔrÚrÜrÝr r r r!rF” s¨,$(!ÿ 8% !) *    9 1(    ÿ : ÿ   " (   9rFrôzTest needs TLS 1.3c@sdeZdZdd„Zdd„Zdd„Zdd„Zd d „Zd d „Zd d„Z dd„Z dd„Z dd„Z dd„Z dS)ÚTestPostHandshakeAuthcCs¼tjtjg}|D]S}t |¡}| |jd¡d|_| |jd¡tj|_| |jtj¡| |jd¡d|_| |jtj¡| |jd¡tj|_d|_| |jtj¡| |jd¡qdSrÛ) r rUrVr`r£Úpost_handshake_authr¢r‹r¡)r­r5rYrMr r r!Útest_pha_setterˆs$ÿ îz%TestPostHandshakeAuth.test_pha_setterc CsHtƒ\}}}d|_tj|_d|_| t¡t|dd}|}|jt   ¡|d[}|  t |j f¡|  d¡| | d¡d¡|  d¡| | d¡d ¡|  d¡| | d¡d ¡|  d¡| | d¡d ¡|  d ¡| d ¡ d ¡}| d|¡Wdƒn1s…wYWdƒdSWdƒdS1swYdS)NTFrHrkròrËrôrñrírórõirïr6)rŸrßr r¢r‹rr•rÌrŽr¹r=r>rÆrtr£rrgr{)r­rržrœrÅr¼Z cert_textr r r!Útest_pha_required s6    ÿ     òÿ"ÿz'TestPostHandshakeAuth.test_pha_requiredc Cs tƒ\}}}d|_tj|_d|_dd„}||_||_t|dd}|d|jt ¡|ddA}|  t |j f¡|  d¡|  tjd¡| d ¡}| |d ¡|  d ¡| d ¡Wdƒn1sbwYWdƒn1sqwYWdƒdSWdƒdS1s‰wYdS) NTcSs@tjr|tjkr||||||f}tj d|›d¡dSdSdS)NzTLS: rË)rrrr ZALERTrprsrt)rÚ directionr5Ú content_typeÚmsg_typerÉrr r r!Úmsg_cb¿sþz>TestPostHandshakeAuth.test_pha_required_nocert..msg_cbrHFrarñz#(certificate required|EOF occurred)rËrírò)rŸrßr r¢r‹Ú _msg_callbackrÌrŽr¹r=r>rÆrtr´r²rr£)r­rržrœrårÅr¼rÉr r r!Útest_pha_required_nocert¹s<   þ þ    ô€ùÿ"ÿz.TestPostHandshakeAuth.test_pha_required_nocertc Cs tjr tj d¡tƒ\}}}d|_tj|_ d|_|  t ¡tj |_ t |dd}|\|jt ¡|d:}| t|jf¡| d¡| | d¡d¡| d ¡| | d¡d ¡| d¡| | d¡d ¡Wdƒn1sqwYWdƒdSWdƒdS1s‰wYdS) NrËTFrHrkròrËrôrñríró)rrrrprsrtrŸrßr r¢r‹rr•r¡rÌrŽr¹r=r>rÆr£rrÍr r r!Útest_pha_optionalÞs2     ÿ   øÿ"ÿz'TestPostHandshakeAuth.test_pha_optionalc Cstjr tj d¡tƒ\}}}d|_tj|_ d|_t |dd}|\|j t   ¡|d:}|  t|jf¡| d¡| | d¡d¡| d ¡| | d¡d ¡| d¡| | d¡d¡Wdƒn1shwYWdƒdSWdƒdS1s€wYdS) NrËTFrHrkròrËrôrñrí)rrrrprsrtrŸrßr r¡r‹rÌrŽr¹r=r>rÆr£rrÍr r r!Útest_pha_optional_nocertös.    ÿ   ÷ÿ"ÿz.TestPostHandshakeAuth.test_pha_optional_nocertc Csþtƒ\}}}d|_tj|_| t¡t|dd}|[|jt   ¡|d9}|  t |j f¡|  tjd¡ | ¡Wdƒn1sCwY| d¡| d| d¡¡Wdƒn1s`wYWdƒdSWdƒdS1sxwYdS) NTFrHrkz not serverrñsextension not receivedrË)rŸrßr r¢r‹rr•rÌrŽr¹r=r>rÆr´r²rúrtr{rrÍr r r!Útest_pha_no_pha_client s(    ÿ ÿ úÿ"ÿz,TestPostHandshakeAuth.test_pha_no_pha_clientc Cstƒ\}}}tj|_d|_| t¡t|dd}|\|jt   ¡|d:}|  t |j f¡|  d¡| | d¡d¡|  d¡| | d¡d ¡|  d¡| | d¡d¡Wdƒn1sawYWdƒdSWdƒdS1sywYdS) NTFrHrkròrËrórñrí)rŸr r¢r‹rßrr•rÌrŽr¹r=r>rÆrtr£rrÍr r r!Útest_pha_no_pha_servers*    ÿ   ÷ÿ"ÿz,TestPostHandshakeAuth.test_pha_no_pha_serverc CsÒtƒ\}}}tj|_tjj|_d|_| t ¡t |dd}|@|j t   ¡|d}|  t|jf¡| d¡| d| d¡¡Wdƒn1sJwYWdƒdSWdƒdS1sbwYdS)NTFrHrkrñsWRONG_SSL_VERSIONrË)rŸr r¢r‹r r_r\rßrr•rÌrŽr¹r=r>rÆrtr{rrÍr r r!Útest_pha_not_tls130s$     ÿ ûÿ"ÿz(TestPostHandshakeAuth.test_pha_not_tls13c CsHt}t tj¡}d|_| t¡d|_tj|_ t tj ¡}| t¡|  t ¡d|_tj |_ t|dd}|d|jt ¡|dB}| t|jf¡| d¡| | d¡d¡| d¡| | d¡d ¡| d¡| | d¡d ¡| | ¡i¡Wdƒn1s…wYWdƒdSWdƒdS1swYdS) NTFrHrkròrËrôrñríró)rˆr r`rVrßrr•rŠr‰r‹rUrŒr›r¢rÌrŽr¹r=r>rÆrtr£rr)r­rœrržrÅr¼r r r!Útest_bpo37428_pha_cert_noneAs:       ÿ   öÿ"ÿz1TestPostHandshakeAuth.test_bpo37428_pha_cert_nonec CsÊtdd\}}}t|dd}|Ë|jt ¡|d©}| t|jf¡|j ¡}|  t |ƒd¡|\}}|j  ¡} |  t | ƒd¡|  || d¡|  t |ƒt | dƒ¡|  t |ƒt | dƒ¡| ||¡| t |ƒt |ƒ¡| t |ƒt |ƒ¡| | ¡| ¡¡| dt |ƒ¡| d t |ƒ¡| tj¡} | tj¡} | | t¡| d | ¡| | t¡|  t | ¡| ¡Wdƒn1sÆwYWdƒdSWdƒdS1sÞwYdS) NFr“rHrkr˜rÃrz CN=localhostzCN=our-ca-serverz-----BEGIN CERTIFICATE-----)rŸrÌrŽr¹r=r>rÆr¹rûr£rXrýÚhashryr¯Zget_infor{Z public_bytesr°Z ENCODING_PEMZ ENCODING_DERrrRrr rô) r­rržrœrÅr¼ZvcÚeeÚcaZuvcrørLr r r!Útest_internal_chain_client`sJ ÿ þ         ÿåÿ"ÿz0TestPostHandshakeAuth.test_internal_chain_clientc Csðtƒ\}}}| t¡tj|_tjj|_t |dd}|R|j t   ¡|d0}|  t |jf¡| d¡| d¡}| |d¡| d¡| d¡}| |d¡Wdƒn1sYwYWdƒdSWdƒdS1sqwYdS)NFrHrksVERIFIEDCHAIN rËs sUNVERIFIEDCHAIN )rŸrr•r r¢r‹r r_r\rÌrŽr¹r=r>rÆrtrr£)r­rržrœrÅr¼Úresr r r!Útest_internal_chain_server…s,    þ     öÿ"ÿz0TestPostHandshakeAuth.test_internal_chain_serverN)rÏrÐrÑràrárçrèrérêrërìrírñrór r r r!rÞ†s% %rÞÚkeylog_filenamez0test requires OpenSSL 1.1.1 with keylog callbackc@sŠeZdZejfdd„Zee e d¡dd„ƒƒZ ee e d¡dd„ƒƒZ ee e j jd¡e e d¡d d „ƒƒƒZd d „Zd d„Zdd„ZdS)Ú TestSSLDebugcCs8t|ƒ}tt|ƒƒWdƒS1swYdSr)rDrXrŽ)r­ZfnamerGr r r!Ú keylog_lines s  $ÿzTestSSLDebug.keylog_linesr-cCs | tjtj¡t tj¡}| |jd¡|  t j   tj¡¡tj|_| |jtj¡|  t j   tj¡¡| | ¡d¡d|_| |jd¡| ttf¡t j  t j  tj¡¡|_Wdƒn1sewY| t¡ d|_WdƒdS1s~wYdS)NrÃ)rErr×rÖr r`rVr£rôrírrÚisfiler rörÆÚIsADirectoryErrorÚPermissionErrorrÚabspathrµrÞr r r!Útest_keylog_defaults¤s$  ÿþ "ÿz!TestSSLDebug.test_keylog_defaultsc CsØ| tjtj¡tƒ\}}}tj|_t|dd}|)|jt ¡|d}|  t |j f¡Wdƒn1s7wYWdƒn1sFwY|  |  ¡d¡d|_tj|_t|dd}|)|jt ¡|d}|  t |j f¡Wdƒn1swYWdƒn1sŽwY| |  ¡d¡tj|_tj|_t|dd}|)|jt ¡|d}|  t |j f¡Wdƒn1sÈwYWdƒn1s×wY| |  ¡d¡d|_d|_dS)NFrHrkr}é é)rErr×rÖrŸrôrÌrŽr¹r=r>rÆr£rörrÍr r r!Útest_keylog_filename¼sT   ÿþ€ÿ  ÿþ€ÿ  ÿþ€ÿ z!TestSSLDebug.test_keylog_filenamez.test is not compatible with ignore_environmentcCs°| tjtj¡tjj tj ¡>tjtj d<|  tj dtj¡t   t j ¡}|  |jd¡t  ¡}|  |jtj¡t  ¡}|  |jtj¡WdƒdS1sQwYdS)NZ SSLKEYLOGFILE)rErr×rÖrcZmockrÚdictrÚenvironr£r r`rVrôrTrVrÞr r r!Útest_keylog_envàs  "õzTestSSLDebug.test_keylog_envcCsntƒ\}}}dd„}| |jd¡||_| |j|¡| t¡ tƒ|_WdƒdS1s0wYdS)NcSrOrr ©rrâr5rãrärÉr r r!råörPz.TestSSLDebug.test_msg_callback..msg_cb)rŸr¾rærÆrµr+)r­rržrœrår r r!Útest_msg_callbackós   "ÿzTestSSLDebug.test_msg_callbackc sØtƒ\}}}tjj|_g‰‡‡fdd„}||_t|dd}|)|jt ¡|d}|  t |j f¡Wdƒn1s.msg_cbFrHrkrErt)rŸr r r_r\rærÌrŽr¹r=r>rÆr{r Z HANDSHAKEr ZSERVER_KEY_EXCHANGEZCHANGE_CIPHER_SPEC)r­rržrœrårÅr¼r rr!Útest_msg_callback_tls12ÿs6    ÿþ€ÿ ÿý ÿýz$TestSSLDebug.test_msg_callback_tls12c stƒ\}}}tƒd‰dd„}‡fdd„}||_||_t|dd}|S|jt ¡|d}| t|jf¡Wdƒn1s@wY|jt ¡|d}| t|jf¡Wdƒn1sawYWdƒdSWdƒdS1sywYdS) NrÃcSrOrr rr r r!rå"rPz@TestSSLDebug.test_msg_callback_deadlock_bpo43577..msg_cbcs ˆ|_dSrrÊr?©Zserver_context2r r!Úsni_cb%rz@TestSSLDebug.test_msg_callback_deadlock_bpo43577..sni_cbFrHrk) rŸræZ sni_callbackrÌrŽr¹r=r>rÆ)r­rržrœrårrÅr¼r rr!Ú#test_msg_callback_deadlock_bpo43577s.     ÿþ ÿþü"üz0TestSSLDebug.test_msg_callback_deadlock_bpo43577N)rÏrÐrÑrrÖröÚrequires_keylogrcrcrdrûrþrpÚflagsÚignore_environmentrrrrr r r r!rõžs"    " ÿ  rõc Cs | tjtjt ddd¡¡dS)NÚiirÃr)Ú setsockoptr¹Ú SOL_SOCKETÚ SO_LINGERÚstructÚpack)rr r r!Ú)set_socket_so_linger_on_with_zero_timeout5s rc@sBeZdZdZGdd„dejƒZdd„Zdd„Zdd „Z d d „Z d S) ÚTestPreHandshakeClosezQVerify behavior of close sockets with received data before to the handshake. csFeZdZddœ‡fdd„ Zdd„Zdd„Z‡fd d „Zd d „Z‡ZS) z6TestPreHandshakeClose.SingleConnectionTestServerThreadN)r-csH||_d|_d|_d|_d|_|durtj|_n||_tƒj |ddS)NrËr) Úcall_after_acceptÚ received_dataÚ wrap_errorrgrÆrr»r-Úsuperrá)r­rrr-©r*r r!rá?s z?TestPreHandshakeClose.SingleConnectionTestServerThread.__init__cCs | ¡|Sr)r r¬r r r!r‹Ksz@TestPreHandshakeClose.SingleConnectionTestServerThread.__enter__cGs:z |jr |j ¡Wn tyYnw| ¡d|_dSr)rgrFrrrrr r r!rŒOs € ÿ z?TestPreHandshakeClose.SingleConnectionTestServerThread.__exit__csxt tjj¡|_tj|j_|jjtd|jj tt dt   ¡|_ t  |j ¡|_|j  |j¡|j  d¡tƒ ¡dS)Nr{r<rÃ)r rTrªr¬Ússl_ctxr¢r‹rŒrrrr¹rgrrÂrÆr+r-rrr r¬rr r!r Xs   z.call_after_acceptZpreauth_data_to_tls_server©rrFsDELETE /data HTTP/1.0 rËúbefore TLS handshake with datarÃrúattr must existrŒ)rßr rr‹rErŒr¹r=rgrqrrlr r!rFrrrr£rrrr#r r²r{rdrir¯rwrh)r­rrÅr†rr r%r!Útest_preauth_data_to_tls_server’sDþ     ø   ÿz5TestPreHandshakeClose.test_preauth_data_to_tls_serverc s’t ¡‰t ¡‰‡‡fdd„}|j|dd}| ¡| |j¡t|jƒt ¡N}|  |j  ¡¡ˆ  ¡ˆ  t j¡sA| d¡t ¡}z |j|dd}Wntyd}z |}d}WYd}~nd}~wwd}| d ¡}| ¡Wdƒn1szwY| ¡z@| d|¡| |t¡| |¡| |tj¡| d |jd ¡| d |j¡| d |jd ¡|j|j d dWd}d}dSd}d}w)Ncs:ˆ tj¡s tdƒt|ƒ| d¡| ¡ˆ ¡dS)Nz ERROR: test client took too longsWHTTP/1.0 307 Temporary Redirect Location: https://example.com/someone-elses-server T)r rr»rÿrr!rFr©Zconn_to_client©Z$client_can_continue_with_wrap_socketZ$server_can_continue_with_wrap_socketr r!rÃs ÿzPTestPreHandshakeClose.test_preauth_data_to_tls_client..call_after_acceptZpreauth_data_to_tls_clientr&ztest server took too longr,rkrËrr'rÃrr(rŒ)!rßr rr‹rErŒrrgr¹r=rqrr rr»rör rTrŽrrrFrr£rr#r²r{rdrir¯rwrh) r­rrÅr†rZ tls_clientr"rrr r+r!Útest_preauth_data_to_tls_client¿sXþ      ÿ€þ €ð   ÿz5TestPreHandshakeClose.test_preauth_data_to_tls_clientcsÐt ¡‰G‡fdd„dtjjƒ}‡fdd„}d}|j|d|d}| ¡| |j¡t |j ƒ||j   ¡d|j t  ¡|d }| t¡|jd d d d id| ¡}Wdƒn1s]wY| ¡dS)NcseZdZ‡fdd„ZdS)zeTestPreHandshakeClose.test_https_client_non_tls_response_ignored..SynchronizedHTTPSConnectioncsFtjj |¡ˆ tj¡stjrtj   d¡|j j |j |jd|_ dS)Nz"server_responding event never set.rk)Úhttpr†ZHTTPConnectionr=r rr»rrrprsrtZ_contextrŽrrdr¬©Zserver_respondingr r!r=ÿs   ÿzmTestPreHandshakeClose.test_https_client_non_tls_response_ignored..SynchronizedHTTPSConnection.connectN)rÏrÐrÑr=r r.r r!ÚSynchronizedHTTPSConnectionþsr/cs&t|ƒ| d¡| ¡ˆ ¡dS)Ns!HTTP/1.0 402 Payment Required T)rr!rFrr*r.r r!r sÿz[TestPreHandshakeClose.test_https_client_non_tls_response_ignored..call_after_acceptg@Znon_tls_http_RST_responder)rrr-r)rÆr‘r-ZHEADz/testZHostr,)Zheaders)rßr r-r†ZHTTPSConnectionrr‹rErŒrrgrqrÆr rTrÆrr}Z getresponser)r­r/rr-rÅÚ connectionÚresponser r.r!Ú*test_https_client_non_tls_response_ignoredûs.  ý   ü  þ z@TestPreHandshakeClose.test_https_client_non_tls_response_ignoredN) rÏrÐrÑrÏrßràrr#r)r,r2r r r r!r9s<- rr^Zget_config_varrr@rÀÚverrSròr"rÍÚfsencoderrrrrrrrrrr)rórÎrLr•rˆrÏr–r—rRrQr›rðrZr˜r™rÔrrr?r4rÐrérØr0r1r>r?r@rArBrHrNrZÚ lru_cacherWrlrvr~Zignore_warningsrÒr‰r’rŸZTestCaser rÖrerrr‚r‰Zrequires_resourcerÑr¥r²Ztest.ssl_serversrÚràrÌrr?rErFrÓrÞr`Z HAS_KEYLOGr rõrrr8rÏÚmainr r r r!Ús†        ÿ   þ        ÿ       óñ          (ÿ þ3C6?0t  #v þ1 ÿN} ÿz # ÿ