-:Sc@sdZddlmZddlmZmZmZddlmZm Z ddl m Z m Z ddl m Z ddlmZddlmZdd lmZdd lmZmZdd lmZmZmZdd lmZmZdd lmZmZddlmZm Z m!Z!ddlm"Z"m#Z#m$Z$ddlm%Z%m&Z&ddlm'Z'm(Z(m)Z)m*Z*ddlm+Z+m,Z,m-Z-ddlm.Z.m/Z/m0Z0m1Z1ddlm2Z2m3Z3m4Z4m5Z5m6Z6ddlm7Z7m8Z8m9Z9m:Z:ddl;m<Z<m=Z=m>Z>ddl?m@Z@mAZAddl?mBZBmCZCmDZDmEZEmFZFyddlmGZGWneHk r{eIZGnXyddlmJZJWneHk reIZJnXyddlmKZKWneHk reIZKnXddlmLZLmMZMmNZNmOZOmPZPmQZQmRZRmSZSmTZTmUZUmVZVmWZWmXZXmYZYmZZZm[Z[m\Z\m]Z]m^Z^m_Z_dZ`dZadZbd Zcd!Zdd"fd#YZed$e<fd%YZfd&e<eefd'YZgd(e<eefd)YZhd*e<eefd+YZid,e<fd-YZjd.e<eefd/YZkd0e<eefd1YZld2e<eefd3YZmd4e<fd5YZnd6e<fd7YZod8e<eefd9YZpd:e<fd;YZqerd<krend=S(>s Unit tests for L{OpenSSL.SSL}. i(tcollect(t ECONNREFUSEDt EINPROGRESSt EWOULDBLOCK(tplatformt version_info(terrortsocket(tmakedirs(tjoin(tmain(tref(tTYPE_RSAt FILETYPE_PEM(tPKeytX509t X509Extension(tdump_privatekeytload_privatekey(tdump_certificatetload_certificate(tOPENSSL_VERSION_NUMBERtSSLEAY_VERSIONt SSLEAY_CFLAGS(tSSLEAY_PLATFORMt SSLEAY_DIRtSSLEAY_BUILT_ON(t SENT_SHUTDOWNtRECEIVED_SHUTDOWN(t SSLv2_METHODt SSLv3_METHODt SSLv23_METHODt TLSv1_METHOD(t OP_NO_SSLv2t OP_NO_SSLv3tOP_SINGLE_DH_USE(t VERIFY_PEERtVERIFY_FAIL_IF_NO_PEER_CERTtVERIFY_CLIENT_ONCEt VERIFY_NONE(tErrort SysCallErrort WantReadErrortZeroReturnErrortSSLeay_version(tContextt ContextTypet ConnectiontConnectionType(tTestCasetbytestb(tcleartextCertificatePEMtcleartextPrivateKeyPEM(tclient_cert_pemtclient_key_pemtserver_cert_pemtserver_key_pemt root_cert_pem(tOP_NO_QUERY_MTU(tOP_COOKIE_EXCHANGE(t OP_NO_TICKET(tSSL_ST_CONNECTt SSL_ST_ACCEPTt SSL_ST_MASKt SSL_ST_INITt SSL_ST_BEFOREt SSL_ST_OKtSSL_ST_RENEGOTIATEt SSL_CB_LOOPt SSL_CB_EXITt SSL_CB_READt SSL_CB_WRITEt SSL_CB_ALERTtSSL_CB_READ_ALERTtSSL_CB_WRITE_ALERTtSSL_CB_ACCEPT_LOOPtSSL_CB_ACCEPT_EXITtSSL_CB_CONNECT_LOOPtSSL_CB_CONNECT_EXITtSSL_CB_HANDSHAKE_STARTtSSL_CB_HANDSHAKE_DONEs[-----BEGIN DH PARAMETERS----- MBYCEQCobsg29c9WZP/54oAPcwiDAgEC -----END DH PARAMETERS----- cCs|S(N((tconntcertterrnumtdepthtok((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt verify_cbFscCst}|jd|jdt}|jt|jd|jdf|jt|jd}|j t d|j dt dkst |j t d|j dt dkst |jt|jt||fS( sQ Establish and return a pair of network sockets connected to each other. tiis 127.0.0.1txity(RXi( Rtbindtlistent setblockingtFalset connect_ext getsocknametTruetaccepttsendR3trecvtAssertionError(tporttclienttserver((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt socket_pairJs      !!  cCs]||g}xJ|rXx=|D]5}y|jWntk rCqX|j|qWqWdS(N(t do_handshakeR*tremove(RgRhtconnsRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt handshakehs    cCsAttdttd}t}|jtdt}d|j_|j |j|j ||j td|j td|j |g|jd|j|dt}|jtdt}d |j_|j |j|j ||j td|j td|j |g|jd|j|dt}|jtdt}d |j_|j |j|j ||j td|j td|j ttdttd g|jd|j|d||f||f||fgS( s Construct and return a chain of certificates. 1. A new self-signed certificate authority certificate (cacert) 2. A new intermediate certificate signed by cacert (icert) 3. A new server certificate signed by icert (scert) tbasicConstraintssCA:trueisAuthority Certificatet20000101000000Zt20200101000000Zitsha1sIntermediate CertificatesServer CertificatesCA:false(RR3R^Rt generate_keyR Rt get_subjectt commonNamet set_issuert set_pubkeyt set_notBeforet set_notAftertadd_extensionstset_serial_numbertsignRa(tcaexttcakeytcacerttikeyticerttskeytscert((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt_create_certificate_chaintsH           " t_LoopbackMixincBs eZdZdZdZRS(s Helper mixin which defines methods for creating a connected socket pair and for forcing two connected SSL sockets to talk to each other via memory BIOs. cCst\}}tt}|jttt|jttt t ||}|j t tt|}|j t |||jt|jt||fS(N(RiR-R tuse_privatekeyRR R9tuse_certificateRR8R/tset_accept_statetset_connect_stateRmR]Ra(tselfRhRgtctx((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt _loopbacks      cCst}x|rt}x||f||fgD]\}}y|jd}Wntk r`n X||fSxEtry|jd}Wntk rPqnXt}|j|qnWq.Wq WdS(s Try to read application bytes from each of the two L{Connection} objects. Copy bytes back and forth between their send/receive buffers for as long as there is anything to copy. When there is nothing more to copy, return C{None}. If one of them actually manages to deliver some application bytes, return a two-tuple of the connection from which the bytes were read and the bytes themselves. iiiNi(RaR^RdR*tbio_readt bio_write(Rt client_connt server_conntwrotetreadtwritetdatatdirty((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt_interactInMemorys"       (t__name__t __module__t__doc__RR(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRs t VersionTestscBs eZdZdZdZRS(s Tests for version information exposed by L{OpenSSL.SSL.SSLeay_version} and L{OpenSSL.SSL.OPENSSL_VERSION_NUMBER}. cCs|jtttdS(s L{OPENSSL_VERSION_NUMBER} is an integer with status in the low byte and the patch, fix, minor, and major versions in the nibbles above that. N(t assertTruet isinstanceRtint(R((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_OPENSSL_VERSION_NUMBERscCsli}xItttttgD]2}t|}|||<|jt|tqW|j t |ddS(s L{SSLeay_version} takes a version type indicator and returns one of a number of version strings based on that indicator. iN( RRRRRR,RRR2t assertEqualtlen(Rtversionstttversion((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_SSLeay_versions   (RRRRR(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRs t ContextTestscBsseZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdZdZdZdZdZdZdZdZedkrn dZdZdZ dZ!d Z"d!Z#d"Z$d#Z%d$Z&d%Z'd&Z(d'Z)RS((s0 Unit tests for L{OpenSSL.SSL.Context}. cCspx!tttgD]}t|qWyttWntk rEnX|jttd|jttddS(s L{Context} can be instantiated with one of L{SSLv2_METHOD}, L{SSLv3_METHOD}, L{SSLv23_METHOD}, or L{TLSv1_METHOD}. RXi N(RRR R-Rt ValueErrort assertRaisest TypeError(Rtmeth((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_methods cCs'|jtt|jtdtdS(s L{Context} and L{ContextType} refer to the same type object and can be used to create instances of that type. R-N(tassertIdenticalR-R.tassertConsistentTypeR (R((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_type&scCsLt}|jtdtt}|j||jt|jddS(sU L{Context.use_privatekey} takes an L{OpenSSL.crypto.PKey} instance. iRXN(RRrR R-R RRR(RtkeyR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_use_privatekey/s    cCs<tt}|jt|j|jt|jdddS(sm L{Context.set_app_data} raises L{TypeError} if called with other than one argument. N(R-R RRt set_app_datatNone(Rtcontext((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_app_data_wrong_args:s cCs&tt}|jt|jddS(sc L{Context.get_app_data} raises L{TypeError} if called with any arguments. N(R-R RRt get_app_dataR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_get_app_data_wrong_argsDs cCs<t}tt}|j||j|j|dS(su L{Context.set_app_data} stores an object for later retrieval using L{Context.get_app_data}. N(tobjectR-R RRR(Rtapp_dataR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_app_dataMs   cCsRtt}|jt|j|jt|jd|jt|jdddS(s L{Context.set_options} raises L{TypeError} if called with the wrong number of arguments or a non-C{int} argument. iN(R-R RRt set_optionsR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_options_wrong_argsXs cCsRtt}|jt|j|jt|jd|jt|jdddS(s L{Context.set_timeout} raises L{TypeError} if called with the wrong number of arguments or a non-C{int} argument. iN(R-R RRt set_timeoutR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_timeout_wrong_argscs cCs&tt}|jt|jddS(sZ L{Context.get_timeout} raises L{TypeError} if called with any arguments. N(R-R RRt get_timeoutR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_get_timeout_wrong_argsns cCs3tt}|jd|j|jddS(s L{Context.set_timeout} sets the session timeout for all connections created using the context object. L{Context.get_timeout} retrieves this value. iN(R-R Rt assertEqualsR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_timeoutvs  cCsRtt}|jt|j|jt|jd|jt|jdddS(s L{Context.set_verify_depth} raises L{TypeError} if called with the wrong number of arguments or a non-C{int} argument. iN(R-R RRtset_verify_depthR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_set_verify_depth_wrong_argss cCs&tt}|jt|jddS(s_ L{Context.get_verify_depth} raises L{TypeError} if called with any arguments. N(R-R RRtget_verify_depthR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_get_verify_depth_wrong_argss cCs3tt}|jd|j|jddS(s L{Context.set_verify_depth} sets the number of certificates in a chain to follow before giving up. The value can be retrieved with L{Context.get_verify_depth}. i N(R-R RRR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_verify_depths  cCsmt}|jtd|j}t|d}tt|d|}|j|jd|j |S(s Write a new private key out to a new file, encrypted using the given passphrase. Return the path to the new file. itwtblowfishtascii( RRrR tmktemptopenRR Rtdecodetclose(Rt passphraseRtpemFiletfObjtpem((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt_write_encrypted_pems   cCsXtt}|jt|j|jt|jd|jt|jddddS(s L{Context.set_passwd_cb} raises L{TypeError} if called with the wrong arguments or with a non-callable first argument. cSsdS(N(R(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pytsN(R-R RRt set_passwd_cbR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_passwd_cb_wrong_argss cstd|j}gfd}tt}|j||j||jtd|jtddt |jtddt |j ddddS(s L{Context.set_passwd_cb} accepts a callable which will be invoked when a private key is loaded from an encrypted PEM. tfoobarcsj|||fS(N(tappend(tmaxlentverifytextra(t calledWithR(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pytpassphraseCallbacksiiiN( R3RR-R Rtuse_privatekey_fileRRRRRR(RRRR((RRs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_passwd_cbs    cCsQ|jtd}d}tt}|j||jt|j|dS(st L{Context.use_privatekey_file} propagates any exception raised by the passphrase callback. smonkeys are nicecSstddS(NsSorry, I am a fail.(t RuntimeError(RRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRsN(RR3R-R RRRR(RRRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_passwd_callback_exceptions    cCsQ|jtd}d}tt}|j||jt|j|dS(s L{Context.use_privatekey_file} raises L{OpenSSL.SSL.Error} if the passphrase callback returns a false value. smonkeys are nicecSsdS(N(R(RRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRsN(RR3R-R RRR(R(RRRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_passwd_callback_falses    cCsQ|jtd}d}tt}|j||jt|j|dS(s L{Context.use_privatekey_file} raises L{OpenSSL.SSL.Error} if the passphrase callback returns a true non-string value. smonkeys are nicecSsdS(Ni ((RRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRsN(RR3R-R RRR(R(RRRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_passwd_callback_non_strings    csXtdd|j}fd}tt}|j||j|dS(s If the passphrase returned by the passphrase callback returns a string longer than the indicated maximum length, it is truncated. RYics |dksttdS(NiRZ(ReR3(RRR(R(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRsN(R3RR-R RR(RRRR((Rs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_passwd_callback_too_longs   cst\}}ttt|}|jgfd}tt}|j||jttt |j t tt t||}|j xCsx6||fD](}y|jWqtk rqXqWqW|jdS(s L{Context.set_info_callback} accepts a callable which will be invoked when certain information about an SSL connection is available. csj|||fdS(N(R(RRtwheretret(tcalled(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pytinfosN(RiR/R-R Rtset_info_callbackRRR R4RRR5RRjR*R(RRhRgt clientSSLRRt serverSSLtssl((Rs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_info_callback s(       c Gst\}}tt}|j||jtdt||}|jtt}|jt t t |j t t tt||}|jt|||j}|j|jjddS(s Create a client context which will verify the peer certificate and call its C{load_verify_locations} method with C{*args}. Then connect it to a server and ensure that the handshake succeeds. cSs|S(N((RRRSterrnoRUt preverify_ok((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyR:ssTesting Root CAN(RiR-R tload_verify_locationst set_verifyR$R/RRRR R4RRR5RRmtget_peer_certificateRRstCN( RtargsRhRgt clientContextRt serverContextRRS((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt_load_verify_locations_test,s$        cCsL|j}t|d}|jtjd|j|j|dS(s L{Context.load_verify_locations} accepts a file name and uses the certificates within for verification purposes. RRN(RRRR4RRR(RtcafileR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_load_verify_fileRs   cCs,tt}|jt|j|jdS(sm L{Context.load_verify_locations} raises L{Error} when passed a non-existent cafile. N(R-R RR(RR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_load_verify_invalid_file_s cCs|j}t|xRddgD]D}t||}t|d}|jtjd|jq#W|jd|dS(s L{Context.load_verify_locations} accepts a directory name and uses the certificates within for verification purposes. s c7adac82.0s c3705638.0RRN( RRR RRR4RRRR(RtcapathtnameRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_load_verify_directoryis  cCswtt}|jt|j|jt|jt|jt|jtt|jt|jddddS(s L{Context.load_verify_locations} raises L{TypeError} if called with the wrong number of arguments or with non-C{str} arguments. N(R-R RRRRR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt%test_load_verify_locations_wrong_args|s  twin32cCsdS(s L{Context.set_default_verify_paths} causes the platform-specific CA certificate locations to be used for verification purposes. N((R((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_default_verify_pathss cCsRtt}|jt|jd|jt|jd|jt|jddS(sv L{Context.set_default_verify_paths} takes no arguments and raises L{TypeError} if given any. iRXN(R-R RRtset_default_verify_pathsR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt'test_set_default_verify_paths_signatures cCs[tt}|jt|j|jt|jt|jt|jttdS(s L{Context.add_extra_chain_cert} raises L{TypeError} if called with other than one argument or if called with an object which is not an instance of L{X509}. N(R-R RRtadd_extra_chain_certR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt&test_add_extra_chain_cert_invalid_certs c Cst\}}t||}|jt||}|jxMtdD]?}x6||gD](}y|jWqatk rqaXqaWqNWdS(s Verify that a client and server created with the given contexts can successfully handshake and communicate. iN(RiR/RRtrangeRjR*( RRRt serverSockett clientSocketRhRgtits((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt_handshake_tests   cCsrt}|\\}}\}}\}}xg|df|df|dfgD]D\}} t| d} | jtt|jd| jqLWxg|df|df|dfgD]D\} } t| d} | jtt| jd| jqWtt } | j || j || j |tt } | j ttBt| jd|j| | d S( s L{Context.add_extra_chain_cert} accepts an L{X509} instance to add to the certificate chain. See L{_create_certificate_chain} for the details of the certificate chain tested. The chain is tested by starting a server with scert and connecting to it with a client which trusts cacert and requires verification to succeed. sca.pemsi.pemss.pemRRsca.keysi.keyss.keyN(RRRRR RRRR-R RRRRR$R%RWRR(RtchainR}R~RRRRRSRRRRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_add_extra_chain_certs& !..      c CsKt}|\\}}\}}\}}|j}t|d} | jtt|jd| jtt|jd| jtt|jd| jtt } | j || j |tdd} | jtt|jd| jtt } | j t tBt| jd|j| | dS(s L{Context.use_certificate_chain_file} reads a certificate chain from the specified file. The chain is tested by starting a server with scert and connecting to it with a client which trusts cacert and requires verification to succeed. RRsca.pemN(RRRRRR RRR-R tuse_certificate_chain_fileRRR$R%RWRR( RRR}R~RRRRt chainFileRRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_use_certificate_chain_files& !        cCs&tt}|jt|jddS(sf L{Context.get_verify_mode} raises L{TypeError} if called with any arguments. N(R-R RRtget_verify_modeR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_get_verify_mode_wrong_args+s cCsWtt}|j|jd|jttBd|j|jttBdS(s~ L{Context.get_verify_mode} returns the verify mode flags previously passed to L{Context.set_verify}. icWsdS(N(R(R((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyR<sN(R-R RR RR$R&(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_get_verify_mode4s  cCsUtt}|jt|j|jt|jdd|jt|jtdS(s L{Context.load_tmp_dh} raises L{TypeError} if called with the wrong number of arguments or with a non-C{str} argument. tfooN(R-R RRt load_tmp_dhRR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_load_tmp_dh_wrong_argsAs cCs&tt}|jt|jddS(sr L{Context.load_tmp_dh} raises L{OpenSSL.SSL.Error} if the specified file does not exist. thelloN(R-R RR(R(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_load_tmp_dh_missing_fileLs cCsOtt}|j}t|d}|jt|j|j|dS(si L{Context.load_tmp_dh} loads Diffie-Hellman parameters from the specified file. RN(R-R RRRtdhparamRR(RRt dhfilenametdhfile((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_load_tmp_dhUs     cCsEtt}|jdt|d}|j|jdgdS(s L{Context.set_cipher_list} accepts a C{str} naming the ciphers which connections created with the context object will be able to choose from. shello world:EXP-RC4-MD5s EXP-RC4-MD5N(R-R tset_cipher_listR/RRtget_cipher_list(RRRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_cipher_listcs  (*RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR R RRRRRR(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRsR          " &     , ' tServerNameCallbackTestscBs2eZdZdZdZdZdZRS(si Tests for L{Context.set_tlsext_servername_callback} and its interaction with L{Connection}. cCs<tt}|jt|j|jt|jdddS(s L{Context.set_tlsext_servername_callback} raises L{TypeError} if called with other than one argument. iiN(R-R RRtset_tlsext_servername_callback(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_wrong_argsts cCsed}d}tt}|j|t|}~|j|t|jd|dS(s If L{Context.set_tlsext_servername_callback} is used to specify a new callback, the one it replaces is dereferenced. cSsdS(N((t connection((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pytcallbackscSsdS(N((R((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt replacementsN(R-R RR RRR(RR R!Rttracker((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_old_callback_forgotten~s      csgfd}tt}|j|~t|jttt|jt tt t |d}|j t ttd}|j|j|||j|dfgdS(s When a client specifies no server name, the callback passed to L{Context.set_tlsext_servername_callback} is invoked and the result of L{Connection.get_servername} is C{None}. csj||jfdS(N(Rtget_servername(RR(R(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt servernamesN(R-R RRRRR R9RRR8R/RRRRR(RR%RRhRg((Rs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_no_servernames    csgfd}tt}|j||jttt|jttt t |d}|j t ttd}|j |jtd|j|||j|tdfgdS(s When a client specifies a server name in its hello message, the callback passed to L{Contexts.set_tlsext_servername_callback} is invoked and the result of L{Connection.get_servername} is that server name. csj||jfdS(N(RR$(RR(R(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyR%ssfoo1.example.comN(R-R RRRR R9RRR8R/RRRtset_tlsext_host_nameR3RR(RR%RRhRg((Rs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_servernames    (RRRRR#R&R((((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRos   !tConnectionTestscBseZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zed krn dZdZdZdZdZdZdZdZdZdZdZdZRS(s3 Unit tests for L{OpenSSL.SSL.Connection}. cCs6|jtttt}|jtd|ddS(s L{Connection} and L{ConnectionType} refer to the same type object and can be used to create instances of that type. R/N(RR/R0R-R RR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRs cCs5tt}t|d}|j|j|dS(s L{Connection.get_context} returns the L{Context} instance used to construct the L{Connection} instance. N(R-R R/RRt get_context(RRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_get_contexts cCs/tttd}|jt|jddS(se L{Connection.get_context} raises L{TypeError} if called with any arguments. N(R/R-R RRRR*(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_get_context_wrong_argsscCstt}t|d}|jt|j|jt|jt|jt|jd|jt|jd|jt|jdd|jt|jttd|j||j dS(s L{Connection.set_context} raises L{TypeError} if called with a non-L{Context} instance argument or with any number of arguments other than 1. RiiN( R-R R/RRRt set_contextRRR*(RRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_context_wrong_argss cCs[tt}tt}t|d}|j||j||j~~tdS(sv L{Connection.set_context} specifies a new L{Context} instance to be used for the connection. N( R-RR R/RR-RR*R(RtoriginalR!R((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_contexts   cCstttd}|jt|j|jt|jt|jt|jdd|jt|jtdt dkr|jt|jtdj dndS( s If L{Connection.set_tlsext_host_name} is called with a non-byte string argument or a byte string with an embedded NUL or other than one argument, L{TypeError} is raised. i{it withnullis example.comRN(i( R/R-R RRRR'RR3RR(RRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt$test_set_tlsext_host_name_wrong_args(s cCs^tttd}|jt|jt|jt|jd|jt|jddS(sh L{Connection.get_servername} raises L{TypeError} if called with any arguments. iRN(R/R-R RRRR$R(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_get_servername_wrong_args<scCs/tttd}|j|jddS(si L{Connection.pending} returns the number of bytes available for immediate read. iN(R/R-R RRtpending(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_pendingGscCs/tttd}|jt|jddS(sY L{Connection.pending} raises L{TypeError} if called with any arguments. N(R/R-R RRRR4(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_pending_wrong_argsPscCs^tttt}|jt|jd|jt|j|jt|jdddS(s L{Connection.connect} raises L{TypeError} if called with a non-address argument or with the wrong number of arguments. s 127.0.0.1iN(s 127.0.0.1i(R/R-R RRRtconnectR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_connect_wrong_argsXscCsWt}tt}t||}|jt|jd}|j|jdt dS(sy L{Connection.connect} raises L{socket.error} if the underlying socket connect method raises it. s 127.0.0.1iiN(s 127.0.0.1i( RR-R R/RRR7RRR(RRgRRtexc((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_connect_refusedcs   cCs\t}|jd|jdtttt}|jd|jdfdS(sZ L{Connection.connect} establishes a connection to the specified address. RXiis 127.0.0.1iN(RXi(RR[R\R/R-R R7R`(RRfR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_connectos    tdarwincCst}|jd|jdtttt}|jt|j|j }t t f}|j ||kd||fdS(s If there is a connection error, L{Connection.connect_ex} returns the errno instead of raising an exception. RXiis %r not in %rN(RXi( RR[R\R/R-R R]R^R_R`RRR(RRfRtresulttexpected((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_connect_exs     cCs2tttt}|jt|jddS(sX L{Connection.accept} raises L{TypeError} if called with any arguments. N(R/R-R RRRRbR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_accept_wrong_argsscCstt}|jttt|jtttt }t ||}|j d|j dt ttt }|j d|jdf|j\}}|jt|t |j|j||j||jdS(s L{Connection.accept} accepts a pending connection attempt and returns a tuple of a new L{Connection} (the accepted client) and the address the connection originated from. RXiis 127.0.0.1iN(RXi(R-R RRR R9RRR8RR/R[R\R7R`RbRRRR*R(RRRftportSSLRRtaddress((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_accepts    cCstttd}|jt|jd|jt|jd|jt|j|jt|jd|jt|jdddS(s L{Connection.shutdown} raises L{TypeError} if called with the wrong number of arguments or with arguments other than integers. iiN( R/R-R RRRtshutdownt get_shutdownt set_shutdown(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_shutdown_wrong_argss cCs|j\}}|j|j|j|jt|jt|jd|j|jt |j|j|jtt B|jt|jd|j|jtt BdS(sS L{Connection.shutdown} performs an SSL-level connection shutdown. iN( Rt assertFalseRDRRERRR+RdR(RRhRg((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_shutdowns cCs?tttt}|jt|j|jtdS(sk L{Connection.set_shutdown} sets the state of the SSL connection shutdown process. N(R/R-R RRFRRRE(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_shutdowns cCs[tttd}|jt|jd|jt|j|jt|jdddS(s L{Connection.set_app_data} raises L{TypeError} if called with other than one argument. L{Connection.get_app_data} raises L{TypeError} if called with any arguments. N(R/R-R RRRRR(RRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_app_data_wrong_argsscCsEtttd}t}|j||j|j|dS(s Any object can be set as app data by passing it to L{Connection.set_app_data} and later retrieved with L{Connection.get_app_data}. N(R/R-R RRRRR(RRRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRs  cCs,tttd}|jt|jdS(sz L{Connection.makefile} is not implemented and calling that method raises L{NotImplementedError}. N(R/R-R RRtNotImplementedErrortmakefile(RRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_makefilescCsttttd}|jt|jd|jt|jd|jt|jt|jt|jgdS(sm L{Connection.get_peer_cert_chain} raises L{TypeError} if called with any arguments. iRN(R/R-R RRRtget_peer_cert_chainR(RRR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt#test_get_peer_cert_chain_wrong_argss c CsEt}|\\}}\}}\}}tt}|j||j||j||j|t|d} | jtt} | j t t t| d} | j |j | | | j}|jt|d|jd|djj|jd|djj|jd|djjdS( s L{Connection.get_peer_cert_chain} returns a list of certificates which the connected server returned for the certification verification. isServer CertificateisIntermediate CertificateisAuthority CertificateiN(RR-R RRRR/RRRR'RWRRRORRRsR( RRR}R~RRRRRRhRRg((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_get_peer_cert_chains, !         cCstt}|jttt|jtttt |d}|j t ttd}|j |j |||jd|jdS(ss L{Connection.get_peer_cert_chain} returns C{None} if the peer sends no certificate chain. N(R-R RRR R9RRR8R/RRRRRRO(RRRhRg((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_get_peer_cert_chain_none(s   (RRRRR+R,R.R0R2R3R5R6R8R:R;RR?R@RCRGRIRJRKRRNRPRQRR(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyR)s6          "tConnectionGetCipherListTestscBs eZdZdZdZRS(s2 Tests for L{Connection.get_cipher_list}. cCs/tttd}|jt|jddS(si L{Connection.get_cipher_list} raises L{TypeError} if called with any arguments. N(R/R-R RRRR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyR=scCsbtttd}|j}|jt|tx$|D]}|jt|tq>WdS(s L{Connection.get_cipher_list} returns a C{list} of C{str} giving the names of the ciphers which might be used. N( R/R-R RRRRtlisttstr(RRtcipherstcipher((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_resultFs   (RRRRRX(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRS9s tConnectionSendTestscBsEeZdZdZdZyeWnek r9n XdZRS(s& Tests for L{Connection.send} cCs^tttd}|jt|j|jt|jt|jt|jdddS(sx When called with arguments other than a single string, L{Connection.send} raises L{TypeError}. RtbarN(R/R-R RRRRcR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRWscCsZ|j\}}|jtd}|j|d|j|jdtddS(s When passed a short byte string, L{Connection.send} transmits all of it and returns the number of bytes sent. txyiN(RRcR3RRd(RRhRgtcount((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_short_bytesbscCs`|j\}}|jttd}|j|d|j|jdtddS(s When passed a memoryview onto a small number of bytes, L{Connection.send} transmits all of them and returns the number of bytes sent. R[iN(RRct memoryviewR3RRd(RRhRgR\((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_short_memoryviewqs(RRRRR]R^t NameErrorR_(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRYSs  tConnectionSendallTestscBsWeZdZdZdZyeWnek r9n XdZdZdZ RS(s* Tests for L{Connection.sendall}. cCs^tttd}|jt|j|jt|jt|jt|jdddS(s{ When called with arguments other than a single string, L{Connection.sendall} raises L{TypeError}. RRZN(R/R-R RRRtsendallR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRscCsH|j\}}|jtd|j|jdtddS(sf L{Connection.sendall} transmits all of the bytes in the string passed to it. RYiN(RRbR3RRd(RRhRg((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_shortscCsN|j\}}|jttd|j|jdtddS(s When passed a memoryview onto a small number of bytes, L{Connection.sendall} transmits all of them. RYiN(RRbR^R3RRd(RRhRg((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyR_scCs|j\}}tdd td}|j|g}d}xB|t|kr|jd}|j||t|7}qHW|j|tdj|dS( s L{Connection.sendall} transmits all of the bytes in the string passed to it even if this requires multiple calls of an underlying write function. RYii iRZiRXNii(RR3RbRRdRRR (RRhRgtmessagetaccumtreceivedR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_longs  cCs9|j\}}|jd|jt|jddS(s If the underlying socket is closed, L{Connection.sendall} propagates the write error from the low level write call. is hello, worldN(Rt sock_shutdownRR)Rb(RRhRg((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_closeds ( RRRRRcR^R`R_RgRi(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRa~s   tConnectionRenegotiateTestscBs)eZdZdZdZdZRS(s+ Tests for SSL renegotiation APIs. cCs/tttd}|jt|jddS(se L{Connection.renegotiate} raises L{TypeError} if called with any arguments. N(R/R-R RRRt renegotiate(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_renegotiate_wrong_argsscCs/tttd}|jt|jddS(sn L{Connection.total_renegotiations} raises L{TypeError} if called with any arguments. N(R/R-R RRRttotal_renegotiations(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt$test_total_renegotiations_wrong_argsscCs/tttd}|j|jddS(sr L{Connection.total_renegotiations} returns C{0} before any renegotiations have happened. iN(R/R-R RRRm(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_total_renegotiationss(RRRRlRnRo(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRjs t ErrorTestscBseZdZdZRS(s. Unit tests for L{OpenSSL.SSL.Error}. cCs-|jttt|jtjddS(s0 L{Error} is an exception type. R(N(Rt issubclassR(t ExceptionRR(R((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRs(RRRR(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRpstConstantsTestscBsVeZdZedk r$dZnedk r<dZnedk rTdZ nRS(s Tests for the values of constants exposed in L{OpenSSL.SSL}. These are values defined by OpenSSL intended only to be used as flags to OpenSSL APIs. The only assertions it seems can be made about them is their values. cCs|jtddS(s The value of L{OpenSSL.SSL.OP_NO_QUERY_MTU} is 0x1000, the value of I{SSL_OP_NO_QUERY_MTU} defined by I{openssl/ssl.h}. iN(RR;(R((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_op_no_query_mtuscCs|jtddS(s The value of L{OpenSSL.SSL.OP_COOKIE_EXCHANGE} is 0x2000, the value of I{SSL_OP_COOKIE_EXCHANGE} defined by I{openssl/ssl.h}. i N(RR<(R((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_op_cookie_exchangescCs|jtddS(s The value of L{OpenSSL.SSL.OP_NO_TICKET} is 0x4000, the value of I{SSL_OP_NO_TICKET} defined by I{openssl/ssl.h}. i@N(RR=(R((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_op_no_ticket'sN( RRRR;RRtR<RuR=Rv(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRss    tMemoryBIOTestscBseZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdZRS(sA Tests for L{OpenSSL.SSL.Connection} using a memory BIO. cCstt}|jttBtB|jttBt Bt |j }|j t tt|jttt|j|jtttt||}|j|S(sc Create a new server-side SSL L{Connection} object wrapped around C{sock}. (R-R RR!R"R#RR$R%R&RWtget_cert_storeRRR R9RRR8tcheck_privatekeytadd_certR:R/R(Rtsockt server_ctxt server_storeR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt_server6s    cCstt}|jttBtB|jttBt Bt |j }|j t tt|jttt|j|jtttt||}|j|S(sc Create a new client-side SSL L{Connection} object wrapped around C{sock}. (R-R RR!R"R#RR$R%R&RWRxRRR R7RRR6RyRzR:R/R(RR{t client_ctxt client_storeR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt_clientLs    cCs|jd}|jd}|j|jd|j|jd|j|jd|j|j||d|j|jd|j|jd|j|jd|j |j|j|j |j|j|j |j|j|j |j|jt d}|j ||j |j||||f|j |ddd|j |j||||dddfdS(s Two L{Connection}s which use memory BIOs can be manually connected by reading from the output of each and writing those bytes to the input of the other and in this way establish a connection and exchange application-level bytes with each other. sOne if by land, two if by sea.Ni( R~RRRt master_keyt client_randomt server_randomRtassertNotIdenticalRtassertNotEqualsR3R(RRRtimportant_message((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_memoryConnect`s.   cCs|j\}}td}|j||jd}|j|||ddd}|j||jd}|j||dS(s Just like L{test_memoryConnect} but with an actual socket. This is primarily to rule out the memory BIO code as the source of any problems encountered while passing data over a L{Connection} (if this test fails, there must be a problem outside the memory BIO code, as no memory BIO is involved here). Even though this isn't a memory BIO test, it's convenient to have it here. s,Help me Obi Wan Kenobi, you're my only hope.iNi(RR3RcRdR(RRRRtmsg((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_socketConnects    cCsgtt}t}t||}|jt|jd|jt|jd|jt|jdS(s Test that L{OpenSSL.SSL.bio_read} and L{OpenSSL.SSL.bio_write} don't work on L{OpenSSL.SSL.Connection}() that use sockets. idRN( R-RRR/RRRRt bio_shutdown(RRRgR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_socketOverridesMemorys   cCs|jd}|jd}|j||d}|jd|}|j||k|j||\}}|j|||jt||dS(s  If more bytes than can be written to the memory BIO are passed to L{Connection.send} at once, the number of bytes which were written is returned and that many bytes from the beginning of the input can be read from the other end of the connection. iiRYNi( R~RRRRcRRRR(RRhRgtsizetsenttreceiverRf((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_outgoingOverflowscCsH|jd}|j|jt|jd}|j|jtdS(s{ L{Connection.bio_shutdown} signals the end of the data stream from which the L{Connection} reads. iN(R~RRRR(RdRt __class__(RRhte((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRIs cCs|jd}|jd}|j|jg|j|jg|j}||}|j|jg|j|j||j|||j|j||j|j|dS(s Verify the return value of the C{get_client_ca_list} method for server and client connections. @param func: A function which will be called with the server context before the client and server are connected to each other. This function should specify a list of CAs for the server to send to the client and return that same list. The list will be used to verify that C{get_client_ca_list} returns the proper value at various times. N(R~RRRtget_client_ca_listR*R(RtfuncRhRgRR>((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt_check_client_ca_lists   cCsXtt}|jt|jd|jt|jdg|j|jgddS(s L{Context.set_client_ca_list} raises a L{TypeError} if called with a non-list or a list that contains objects other than X509Names. tspamN(R-R RRtset_client_ca_listRR(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_client_ca_list_errorss cCsd}|j|dS(s If passed an empty list, L{Context.set_client_ca_list} configures the context to send no CA names to the client and, on both the server and client sides, L{Connection.get_client_ca_list} returns an empty list after the connection is set up. cSs|jggS(N(R(R((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pytno_cas N(R(RR((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_empty_ca_lists cs;ttt}|jfd}|j|dS(sK If passed a list containing a single X509Name, L{Context.set_client_ca_list} configures the context to send that CA name to the client and, on both the server and client sides, L{Connection.get_client_ca_list} returns a list containing that X509Name after the connection is set up. cs|jggS(N(R(R(tcadesc(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt single_casN(RR R:RsR(RR~R((Rs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_one_ca_list s csYttt}ttt}|j|jfd}|j|dS(sW If passed a list containing multiple X509Name objects, L{Context.set_client_ca_list} configures the context to send those CA names to the client and, on both the server and client sides, L{Connection.get_client_ca_list} returns a list containing those X509Names after the connection is set up. csg}|j||S(N(R(RtL(tcldesctsedesc(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt multiple_ca's  N(RR R8RsR(RtsecerttclcertR((RRs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_multiple_ca_lists   cswttt}ttt}ttt}|j|j|jfd}|j|dS(s If called multiple times, only the X509Names passed to the final call of L{Context.set_client_ca_list} are used to configure the CA names sent to the client. cs*|jg|jggS(N(R(R(RRR(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt changed_ca<sN(RR R:R8RsR(RR~RRR((RRRs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_reset_ca_list.s   csYttt}ttt}|j|jfd}|j|dS(s If the list passed to L{Context.set_client_ca_list} is mutated afterwards, this does not affect the list of CA names sent to the client. cs-g}|jg|jgS(N(RR(RR(RR(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt mutated_caOs  N(RR R:R8RsR(RR~RR((RRs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_mutated_ca_listCs   cCsatt}ttt}|jt|j|jt|jd|jt|j||dS(s L{Context.add_client_ca} raises L{TypeError} if called with a non-X509 object or with a number of arguments other than one. RN(R-R RR R:RRt add_client_ca(RRR~((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_add_client_ca_errorsWs  cs>tttjfd}|j|dS(s~ A certificate's subject can be added as a CA to be sent to the client with L{Context.add_client_ca}. cs|jgS(N(R(R(R~R(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRjs N(RR R:RsR(RR((R~Rs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_one_add_client_cacs cs_ttttttjjfd}|j|dS(s Multiple CA names can be sent to the client by calling L{Context.add_client_ca} with multiple X509 objects. cs$|j|jgS(N(R(R(R~RRR(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyR{s  N(RR R:R8RsR(RR((R~RRRs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_multiple_add_client_caps   cszttt}ttt}ttt|j|jjfd}|j|dS(s A call to L{Context.set_client_ca_list} followed by a call to L{Context.add_client_ca} results in using the CA names from the first call and the CA name from the second call. cs-|jg|jgS(N(RR(R(RRRR(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pytmixed_set_add_cas N(RR R:R8RsR(RR~RR((RRRRs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_and_add_client_cas   csnttt}tttttt|jjfd}|j|dS(s A call to L{Context.set_client_ca_list} after a call to L{Context.add_client_ca} replaces the CA name specified by the former call with the names specified by the latter cal. cs4|j|jg|jgS(N(RR(R(RRRR(s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pytset_replaces_add_cas  N(RR R:R8RsR(RR~R((RRRRs9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyttest_set_after_add_client_cas  (RRRR~RRRRRRIRRRRRRRRRRRR(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRw2s(   ,         tInfoConstantTestscBseZdZdZRS(sI Tests for assorted constants exposed for use in info callbacks. cCsgx`tttttttttt t t t t ttttttgD]}|jt|tqCWdS(s  All of the info constants are integers. This is a very weak test. It would be nice to have one that actually verifies that as certain info events happen, the value passed to the info callback matches up with the constant exposed by OpenSSL.SSL. N(R>R?R@RARBRCRDRERFRGRHRIRJRKRLRMRNRORPRQRRR(Rtconst((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyt test_integerss    (RRRR(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pyRst__main__N(sRtgcRRRRRtsysRRRRtosRtos.pathR tunittestR tweakrefR tOpenSSL.cryptoR R RRRRRRRt OpenSSL.SSLRRRRRRRRRRRR R!R"R#R$R%R&R'R(R)R*R+R,R-R.R/R0tOpenSSL.test.utilR1R2R3tOpenSSL.test.test_cryptoR4R5R6R7R8R9R:R;t ImportErrorRR<R=R>R?R@RARBRCRDRERFRGRHRIRJRKRLRMRNRORPRQRRWRiRmRRRRRR)RSRYRaRjRpRsRwRR(((s9/usr/lib/python2.7/dist-packages/OpenSSL/test/test_ssl.pytsx""("(         6Gbdg+G5 +{