From aca7e2dd28e38ca9bc913c25821e5a452607c2de Mon Sep 17 00:00:00 2001 From: Roger Light Date: Fri, 21 Jun 2013 18:09:18 +0100 Subject: [PATCH] Add missing file and fix associated tests. --- test/lib/08-ssl-fake-cacert.py | 57 ++++++++++++++++++++++++ test/lib/python/08-ssl-fake-cacert.test | 12 ++--- test/lib/python3/08-ssl-fake-cacert.test | 12 ++--- 3 files changed, 69 insertions(+), 12 deletions(-) create mode 100755 test/lib/08-ssl-fake-cacert.py diff --git a/test/lib/08-ssl-fake-cacert.py b/test/lib/08-ssl-fake-cacert.py new file mode 100755 index 0000000..aa9be9d --- /dev/null +++ b/test/lib/08-ssl-fake-cacert.py @@ -0,0 +1,57 @@ +#!/usr/bin/python + +import inspect +import os +import subprocess +import socket +import ssl +import sys +import time + +# From http://stackoverflow.com/questions/279237/python-import-a-module-from-a-folder +cmd_subfolder = os.path.realpath(os.path.abspath(os.path.join(os.path.split(inspect.getfile( inspect.currentframe() ))[0],".."))) +if cmd_subfolder not in sys.path: + sys.path.insert(0, cmd_subfolder) + +import paho_test + +if sys.version < '2.7': + print("WARNING: SSL not supported on Python 2.6") + exit(0) + +sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) +sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) +ssock = ssl.wrap_socket(sock, ca_certs="../ssl/test-ca.crt", + keyfile="../ssl/server.key", certfile="../ssl/server.crt", + server_side=True, ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_REQUIRED) +ssock.settimeout(10) +ssock.bind(('', 1888)) +ssock.listen(5) + +client_args = sys.argv[1:] +env = dict(os.environ) +try: + pp = env['PYTHONPATH'] +except KeyError: + pp = '' +env['PYTHONPATH'] = '../../src:'+pp +client = subprocess.Popen(client_args, env=env) + +try: + (conn, address) = ssock.accept() + + conn.close() +except ssl.SSLError: + # Expected error due to ca certs not matching. + pass +finally: + time.sleep(1.0) + client.terminate() + client.wait() + ssock.close() + +if client.returncode == 0: + exit(0) +else: + exit(1) + diff --git a/test/lib/python/08-ssl-fake-cacert.test b/test/lib/python/08-ssl-fake-cacert.test index 1c475ba..1fdcdc9 100755 --- a/test/lib/python/08-ssl-fake-cacert.test +++ b/test/lib/python/08-ssl-fake-cacert.test @@ -8,21 +8,21 @@ import time from struct import * import ssl -import mosquitto +import paho.mqtt.client as mqtt if sys.version < '2.7': print("WARNING: SSL/TLS not supported on Python 2.6") exit(0) -def on_connect(mosq, obj, rc): +def on_connect(mqttc, obj, rc): exit(1) -mosq = mosquitto.Mosquitto("08-ssl-fake-cacert") -mosq.tls_set("../ssl/fake-ca.crt", "../ssl/client.crt", "../ssl/client.key") -mosq.on_connect = on_connect +mqttc = mqtt.Client("08-ssl-fake-cacert") +mqttc.tls_set("../ssl/fake-ca.crt", "../ssl/client.crt", "../ssl/client.key") +mqttc.on_connect = on_connect try: - mosq.connect("localhost", 1888) + mqttc.connect("localhost", 1888) except ssl.SSLError as msg: if msg.errno == 1 and "certificate verify failed" in msg.strerror: exit(0) diff --git a/test/lib/python3/08-ssl-fake-cacert.test b/test/lib/python3/08-ssl-fake-cacert.test index e740b60..f9b06d9 100755 --- a/test/lib/python3/08-ssl-fake-cacert.test +++ b/test/lib/python3/08-ssl-fake-cacert.test @@ -8,21 +8,21 @@ import time from struct import * import ssl -import mosquitto +import paho.mqtt.client as mqtt if sys.version < '2.7': print("WARNING: SSL/TLS not supported on Python 2.6") exit(0) -def on_connect(mosq, obj, rc): +def on_connect(mqttc, obj, rc): exit(1) -mosq = mosquitto.Mosquitto("08-ssl-fake-cacert") -mosq.tls_set("../ssl/fake-ca.crt", "../ssl/client.crt", "../ssl/client.key") -mosq.on_connect = on_connect +mqttc = mqtt.Client("08-ssl-fake-cacert") +mqttc.tls_set("../ssl/fake-ca.crt", "../ssl/client.crt", "../ssl/client.key") +mqttc.on_connect = on_connect try: - mosq.connect("localhost", 1888) + mqttc.connect("localhost", 1888) except ssl.SSLError as msg: if msg.errno == 1 and "certificate verify failed" in msg.strerror: exit(0) -- 2.39.5