diff options
author | Hermann Höhne <hoehermann@gmx.de> | 2017-08-29 21:24:32 +0200 |
---|---|---|
committer | Hermann Höhne <hoehermann@gmx.de> | 2017-10-26 15:17:11 +0200 |
commit | 914609fb5f1df31e9ecd27ad73ceda035357cecb (patch) | |
tree | ddf73ba4a86a0ffa0375252d24fc732ea6c379c5 /tests | |
parent | 5e19bc3f96d634a7b55d06e6cec630d5b1c60c9f (diff) | |
download | websockify-914609fb5f1df31e9ecd27ad73ceda035357cecb.tar.gz |
Added SSL-certificate-based client authentication.
* Incorporates #190 without breaking compatibility towards old Python versions.
* A new plugin allows authenticating clients by the "common name" defined in their certificate.
* Added manual for certificate-based client authentication, including hints to which Python versions allow client certificate authentication.
* Adjusted test to work with new ssl.create_default_context.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_websockifyserver.py | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/tests/test_websockifyserver.py b/tests/test_websockifyserver.py index 9af117d..63c9449 100644 --- a/tests/test_websockifyserver.py +++ b/tests/test_websockifyserver.py @@ -267,8 +267,25 @@ class WebSockifyServerTestCase(unittest.TestCase): def fake_wrap_socket(*args, **kwargs): raise ssl.SSLError(ssl.SSL_ERROR_EOF) + class fake_create_default_context(): + def __init__(self, purpose): + self.verify_mode = None + def load_cert_chain(self, certfile, keyfile): + pass + def set_default_verify_paths(self): + pass + def load_verify_locations(self, cafile): + pass + def wrap_socket(self, *args, **kwargs): + raise ssl.SSLError(ssl.SSL_ERROR_EOF) + self.stubs.Set(select, 'select', fake_select) - self.stubs.Set(ssl, 'wrap_socket', fake_wrap_socket) + if (hasattr(ssl, 'create_default_context')): + # for recent versions of python + self.stubs.Set(ssl, 'create_default_context', fake_create_default_context) + else: + # for fallback for old versions of python + self.stubs.Set(ssl, 'wrap_socket', fake_wrap_socket) self.assertRaises( websockifyserver.WebSockifyServer.EClose, server.do_handshake, sock, '127.0.0.1') |