U  W[ '@sdZddlmZmZddlZddlmZddlmZm Z m Z ddl m Z zTddl mZmZddl mZmZdd lmZdd lmZmZmZmZmZmZmZWn$ek rd ZdZZZYn2Xdd lmZm Z dd l!m"Z"m#Z#m$Z$ddl%m&Z&ddl'm(Z(ddl)m*Z*ddl+m,Z,ddl-m.Z.ddl/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6ddl7m8Z8m9Z9ddl:m;Z;mZ>m?Z?m@Z@mAZAddlBmCZCddlDmEZEmFZFddlGmHZHmIZIddlJmKZKddlLmMZMmNZNGdddZOGddde@ZPd5d!d"ZQGd#d$d$eHZRd6d%d&ZSGd'd(d(eIZTGd)d*d*eHZUGd+d,d,eHZVGd-d.d.eHZWe e3Gd/d0d0e>ZXe e3Gd1d2d2eAZYGd3d4d4eHZZdS)7z% Tests for L{twisted.protocols.tls}. )divisionabsolute_importN) verifyObject) InterfacedirectlyProvides implementer) iterbytes)TLSMemoryBIOProtocolTLSMemoryBIOFactory) _PullToPush_ProducerMembrane)X509Type) TLSv1_METHODTLSv1_1_METHODTLSv1_2_METHODErrorContextConnectionType WantReadErrorz9pyOpenSSL 0.10 or newer required for twisted.protocol.tls)PrivateCertificateoptionsForClientTLS)ClientTLSContextServerTLSContextcertPath)!certificatesForAuthorityAndServer)connectedServerAndClient)FilePath)Failure)log) ISystemHandle ISSLTransport IPushProducerIProtocolNegotiationFactoryIHandshakeListenerIOpenSSLServerConnectionCreatorIOpenSSLClientConnectionCreator)ConnectionDoneConnectionLost)Deferred gatherResults) ClientFactoryFactoryProtocol ServerFactory) TaskStopped) loopbackAsynccollapsingPumpPolicy)TestCaseSynchronousTestCaseConnectionLostNotifyingProtocol)StringTransportNonStreamingProducerc@s@eZdZdZdZefddZddZeeZddZ d d Z d S) HandshakeCallbackContextFactorya L{HandshakeCallbackContextFactory} is a factory for SSL contexts which allows applications to get notification when the SSL handshake completes. @ivar _finished: A L{Deferred} which will be called back when the handshake is done. cCst|_||_dSN)r( _finished_method)selfmethodr>A/usr/lib/python3/dist-packages/twisted/protocols/test/test_tls.py__init__Hsz(HandshakeCallbackContextFactory.__init__cCs|}||jfS)z Create a new L{HandshakeCallbackContextFactory} and return a two-tuple of it and a L{Deferred} which will fire when a connection created with it completes a TLS handshake. )r:)clscontextFactoryr>r>r?factoryAndDeferredMsz2HandshakeCallbackContextFactory.factoryAndDeferredcCs||j@r|jddS)a This is the "info callback" on the context. It will be called periodically by pyOpenSSL with information about the state of a connection. When it indicates the handshake is complete, it will fire C{self._finished}. N)SSL_CB_HANDSHAKE_DONEr:callback)r<Z connectionwhereZretr>r>r?_infoXs z%HandshakeCallbackContextFactory._infocCst|j}||j|S)zp Create and return an SSL context configured to use L{self._info} as the info callback. )rr;Zset_info_callbackrG)r<contextr>r>r? getContextcs  z*HandshakeCallbackContextFactory.getContextN) __name__ __module__ __qualname____doc__rDrr@rC classmethodrGrIr>r>r>r?r7<s   r7c@s0eZdZdZddZddZddZdd Zd S) AccumulatingProtocola. A protocol which collects the bytes it receives and closes its connection after receiving a certain minimum of data. @ivar howMany: The number of bytes of data to wait for before closing the connection. @ivar received: A L{list} of L{bytes} of the bytes received so far. cCs ||_dSr9)howMany)r<rPr>r>r?r@xszAccumulatingProtocol.__init__cCs g|_dSr9)receivedr<r>r>r?connectionMade|sz#AccumulatingProtocol.connectionMadecCs0|j|ttt|j|jkr,|jdSr9)rQappendsummaplenrP transportloseConnectionr<datar>r>r? dataReceiveds z!AccumulatingProtocol.dataReceivedcCs|tst|dSr9)checkr&rerrr<reasonr>r>r?connectionLosts z#AccumulatingProtocol.connectionLostN)rJrKrLrMr@rSr\rar>r>r>r?rOns  rOFcstdt}fdd|_rFtttGfdddt}|}n|rRt}nt}t || |}| d}|dkr~t }| ||fS)z\ Create a protocol hooked up to a TLS transport hooked up to a StringTransport. lJ)csSr9r>r>clientProtocolr>r?z"buildTLSProtocol..cseZdZfddZeZdS)z-buildTLSProtocol..HardCodedConnectioncsSr9r>)r< tlsProtocolfakeConnectionr>r?clientConnectionForTLSszDbuildTLSProtocol..HardCodedConnection.clientConnectionForTLSN)rJrKrLriZserverConnectionForTLSr>rgr>r?HardCodedConnections rjN) rOr*protocolrr$r%objectrrr buildProtocolr5makeConnection)serverrXrh clientFactoryrjrBwrapperFactory sslProtocolr>)rcrhr?buildTLSProtocols,  rsc@s(eZdZdZddZddZddZdS) TLSMemoryBIOFactoryTestsz< Ensure TLSMemoryBIOFactory logging acts correctly. cCsnt}g}|j}t||tj|t}dd|_dd|_t |d|}||| |gdS)zs L{TLSMemoryBIOFactory.doStart} and L{TLSMemoryBIOFactory.doStop} do not log any messages. cSsdSr9r>r>r>r>r?rdrez5TLSMemoryBIOFactoryTests.test_quiet..cSsdSr9r>r>r>r>r?rdreFN) rrTr addObserver addCleanupremoveObserverr-ZdoStartZdoStopr assertEqual)r<rBZlogsZloggerwrappedFactoryfactoryr>r>r? test_quiets    z#TLSMemoryBIOFactoryTests.test_quietcCs(t}t|dt}|d|dS)z L{TLSMemoryBIOFactory.logPrefix} amends the wrapped factory's log prefix with a short string (C{"TLS"}) indicating the wrapping, rather than its full class name. FzServerFactory (TLS)N)rr r-rx logPrefix)r<rBrzr>r>r?test_logPrefixsz'TLSMemoryBIOFactoryTests.test_logPrefixcCs8Gdddt}t}t|d|}|d|dS)z If the wrapped factory does not provide L{ILoggingContext}, L{TLSMemoryBIOFactory.logPrefix} uses the wrapped factory's class name. c@s eZdZdS)zBTLSMemoryBIOFactoryTests.test_logPrefixFallback..NoFactoryNrJrKrLr>r>r>r? NoFactorysrFzNoFactory (TLS)N)rlrr rxr|)r<rrBrzr>r>r?test_logPrefixFallbacksz/TLSMemoryBIOFactoryTests.test_logPrefixFallbackN)rJrKrLrMr{r}rr>r>r>r?rts rtcst\}}ttGfdddttttGdddttttd|ddtfdd d t| d t fd d d t fd d fdd d d\}}}|||fS)a Construct a client and server L{TLSMemoryBIOProtocol} connected by an IO pump. @param greetingData: The data which should be written in L{connectionMade}. @type greetingData: L{bytes} @return: 3-tuple of client, server, L{twisted.test.iosim.IOPump} cs<eZdZdZdZfddZfddZddZZS) z*handshakingClientAndServer..ClientFNcs&t|dk r"|jdSr9)superrSrXwriterR)Client __class__clientGreetingDatar>r?rSsz9handshakingClientAndServer..Client.connectionMadecs$d|_|j|_r |jdSNT) handshookrXgetPeerCertificatepeerAfterHandshakeZabortConnectionrR)clientAbortAfterHandshaker>r?handshakeCompleteds z=handshakingClientAndServer..Client.handshakeCompletedcSsdSr9r>r_r>r>r?rasz9handshakingClientAndServer..Client.connectionLost) rJrKrLrrrSrra __classcell__r>)rrr)rr?rs  rc@s eZdZdZddZddZdS)z*handshakingClientAndServer..ServerFcSs d|_dSr) handshakedrRr>r>r?rsz=handshakingClientAndServer..Server.handshakeCompletedcSsdSr9r>r_r>r>r?rasz9handshakingClientAndServer..Server.connectionLostN)rJrKrLrrrar>r>r>r?Serversr example.comZ trustRootTcsdSNi?Br>r>)rr>r?rd rez,handshakingClientAndServer..)ZisClientryFcsdSrr>r>)rr>r?rdrecs dSr9rmr>)serverFr>r?rdrecs dSr9rr>)clientFr>r?rdre)Zgreet) rrr#rOrlr rr* forProtocoloptionsr-r)rrauthCert serverCertclientropumpr>)rrrrrrr?handshakingClientAndServers*     rc@s eZdZdZddZddZdS)DeterministicTLSMemoryBIOTestsz Test for the implementation of L{ISSLTransport} which runs over another transport. @note: Prefer to add test cases to this suite, in this style, using L{connectedServerAndClient}, rather than returning L{Deferred}s. cCsht\}}}||jjd||jjd|||jjd||jjd||jjddS)a The completion of the TLS handshake calls C{handshakeCompleted} on L{Protocol} objects that provide L{IHandshakeListener}. At the time C{handshakeCompleted} is invoked, the transport's peer certificate will have been initialized. FTN)rrxwrappedProtocolrrflush assertIsNotr)r<rrorr>r>r?test_handshakeNotification$s z9DeterministicTLSMemoryBIOTests.test_handshakeNotificationcCs0tdd\}}}|j}|||jgdS)a If some data is written to the transport in C{connectionMade}, but C{handshakeDone} doesn't like something it sees about the handshake, it can use C{abortConnection} to ensure that the application never receives that data. s untrustworthyTN)rrrrxrQ)r<rrorZwrappedServerProtocolr>r>r?test_handshakeStopWriting4s  z8DeterministicTLSMemoryBIOTests.test_handshakeStopWritingN)rJrKrLrMrrr>r>r>r?rsrc@seZdZdZddZddZddZdd Zd d Zd d Z ddZ ddZ ddZ ddZ ddZddZddZddZddZefd d!Zd"d#Zd$d%Zd&d'Zd(d)Zd*d+Zd,d-Zd.d/Zd0d1Zd2d3Zd4d5Zd6d7Zd8S)9TLSMemoryBIOTestsze Tests for the implementation of L{ISSLTransport} which runs over another L{ITransport}. cCs.tdd}|t||t|dS)zj L{TLSMemoryBIOProtocol} instances provide L{ISSLTransport} and L{ISystemHandle}. N)r assertTruer providedByr)r<protor>r>r?test_interfacesIs z!TLSMemoryBIOTests.test_interfacescCsrGdddt}Gdddt}t}t}t|d|}|}t||t|t}||| | |dS)zw L{TLSMemoryBIOProtocol} instances provide the interfaces provided by the transport they wrap. c@s eZdZdS)zDTLSMemoryBIOTests.test_wrappedProtocolInterfaces..ITransportNr~r>r>r>r? ITransportXsrc@seZdZddZdS)zETLSMemoryBIOTests.test_wrappedProtocolInterfaces..MyTransportcSsdSr9r>rZr>r>r?r\szKTLSMemoryBIOTests.test_wrappedProtocolInterfaces..MyTransport.writeN)rJrKrLrr>r>r>r? MyTransport[srTN) rrlr*rr rr r,rnrr)r<rrrprBrqrXrfr>r>r?test_wrappedProtocolInterfacesSs   z0TLSMemoryBIOTests.test_wrappedProtocolInterfacescCsHt}t}t|d|}t|t}t}||||t dS)a/ L{TLSMemoryBIOProtocol.getHandle} returns the L{OpenSSL.SSL.Connection} instance it uses to actually implement TLS. This may seem odd. In fact, it is. The L{OpenSSL.SSL.Connection} is not actually the "system handle" here, nor even an object the reactor knows about directly. However, L{twisted.internet.ssl.Certificate}'s C{peerFromTransport} and C{hostFromTransport} methods depend on being able to get an L{OpenSSL.SSL.Connection} object in order to work properly. Implementing L{ISystemHandle.getHandle} like this is the easiest way for those APIs to be made to work. If they are changed, then it may make sense to get rid of this implementation of L{ISystemHandle} and return the underlying socket instead. TN) r*rr r r,r5rnassertIsInstanceZ getHandler)r<rzrBrqrrXr>r>r?test_getHandleks   z TLSMemoryBIOTests.test_getHandlecsrtt}fdd|_t}t|d|}|d}t}|||j | j || j |dS)z When L{TLSMemoryBIOProtocol} is connected to a transport, it connects the protocol it wraps to a transport. csSr9r>r>rbr>r?rdrez7TLSMemoryBIOTests.test_makeConnection..TN) r,r*rkrr rmr5rnZassertIsNotNonerXrassertIs)r<rprBrqrrrXr>rbr?test_makeConnections   z%TLSMemoryBIOTests.test_makeConnectionc Cslt}t|_t\}}t|d|}|d}t}t|_t}t|d|}|d}t ||} |||| fS)z@ Start handshake between TLS client and server. TNF) r*r,rkr7rCr rmr-rr/) r<rpclientContextFactoryhandshakeDeferredrqsslClientProtocol serverFactoryserverContextFactorysslServerProtocolconnectionDeferredr>r>r?handshakeProtocolss.   z$TLSMemoryBIOTests.handshakeProtocolscCs|\}}}}|S)zr The TLS handshake is performed when L{TLSMemoryBIOProtocol} is connected to a transport. )r)r< tlsClient tlsServerr_r>r>r?test_handshakesz TLSMemoryBIOTests.test_handshakec stt}fdd|_t}t|d|}|d}tt}fdd|_tt }t |}| |}t|d|}|d} t | |} dd} | | t| gS) z L{TLSMemoryBIOProtocol} reports errors in the handshake process to the application-level protocol object using its C{connectionLost} method and disconnects the underlying transport. cstSr9r3r>clientConnectionLostr>r?rdsz9TLSMemoryBIOTests.test_handshakeFailure..TNcstSr9r3r>)serverConnectionLostr>r?rdsFcSs|jtdSr9)lostConnectionReasontrapr)rkr>r>r?cbConnectionLostszATLSMemoryBIOTests.test_handshakeFailure..cbConnectionLost)r(r*rkr7r rmr-rrZ getContentrZloadPEMrr/ addCallbackr)) r<rprrqrrZcertificateDataZ certificaterrrrr>)rrr?test_handshakeFailuresB          z'TLSMemoryBIOTests.test_handshakeFailurec s|t}t|_t\}}t|d|}|dt}t|_t}t|d|}|d}t |fdd}| ||S)z L{TLSMemoryBIOProtocol.getPeerCertificate} returns the L{OpenSSL.crypto.X509Type} instance representing the peer's certificate. TNFcs*}|t|dddS)NZsha1s;23:4B:72:99:2E:5D:5E:2B:02:C3:BC:1B:7C:50:67:05:4F:60:FF:C9)rrr rxZdigest)ignoredZcertr<rr>r? cbHandshook s  z>TLSMemoryBIOTests.test_getPeerCertificate..cbHandshook) r*r,rkr7rCr rmr-rr/r) r<rprrrqrrrrr>rr?test_getPeerCertificates.    z)TLSMemoryBIOTests.test_getPeerCertificatec sdtt}fdd|_t\}}t|d|}|d}ttt }fdd|_t }t|d|}|d}t ||fdd } | | fd d } | | |S) Bytes written to L{TLSMemoryBIOProtocol} before the handshake is complete are received by the protocol on the other side of the connection once the handshake succeeds. some bytescsSr9r>r>rbr>r?rd"rez.TNcsSr9r>r>serverProtocolr>r?rd,reFcsjSr9rXrr)rcrr[r>r?r6s z?TLSMemoryBIOTests.test_writeAfterHandshake..cbHandshookcsdjdSNrerxjoinrQrr[r<rr>r?cbDisconnected?szBTLSMemoryBIOTests.test_writeAfterHandshake..cbDisconnected) r,r*rkr7rCr rmrOrWr-rr/r) r<rprrrqrrrrrrr>)rcrr[r<rr?test_writeAfterHandshakes8      z*TLSMemoryBIOTests.test_writeAfterHandshakec st}||_t\}}t|d|}|d}ttt}fdd|_t } t| d|}|d} t | |} fdd} | | | S)z{ Run test where client sends data before handshake, given the sending protocol and expected bytes. TNcsSr9r>r>rr>r?rdVrez.FcsdjdSrrrrr>r?cbConnectionDoneaszDTLSMemoryBIOTests.writeBeforeHandshakeTest..cbConnectionDone) r*rkr7rCr rmrOrWr-rr/r) r<ZsendingProtocolr[rprrrqrrrrrrr>rr?writeBeforeHandshakeTestFs0     z*TLSMemoryBIOTests.writeBeforeHandshakeTestcs$dGfdddt}||S)rrcseZdZfddZdS)zJTLSMemoryBIOTests.test_writeBeforeHandshake..SimpleSendingProtocolcs|jdSr9rrRr[r>r?rSpszYTLSMemoryBIOTests.test_writeBeforeHandshake..SimpleSendingProtocol.connectionMadeNrJrKrLrSr>rr>r?SimpleSendingProtocolosrr,rr<rr>rr?test_writeBeforeHandshakegsz+TLSMemoryBIOTests.test_writeBeforeHandshakecs$dGfdddt}||S)z Bytes written to L{TLSMemoryBIOProtocol} with C{writeSequence} are received by the protocol on the other side of the connection. rcseZdZfddZdS)zCTLSMemoryBIOTests.test_writeSequence..SimpleSendingProtocolcs|jttdSr9rX writeSequencelistrrRrr>r?rS}szRTLSMemoryBIOTests.test_writeSequence..SimpleSendingProtocol.connectionMadeNrr>rr>r?r|srrrr>rr?test_writeSequencevsz$TLSMemoryBIOTests.test_writeSequencecs$dGfdddt}||S)z Bytes written to L{TLSMemoryBIOProtocol} after C{loseConnection} is called are not transmitted (unless there is a registered producer, which will be tested elsewhere). rcseZdZfddZdS)zNTLSMemoryBIOTests.test_writeAfterLoseConnection..SimpleSendingProtocolcs4|j|j|jd|jdgdS)Nhelloworld)rXrrYrrRrr>r?rSs   z]TLSMemoryBIOTests.test_writeAfterLoseConnection..SimpleSendingProtocol.connectionMadeNrr>rr>r?rsrrrr>rr?test_writeAfterLoseConnectionsz/TLSMemoryBIOTests.test_writeAfterLoseConnectioncs>dgGfdddt}|d}|fddS)zV Writing C{unicode} to L{TLSMemoryBIOProtocol} throws a C{TypeError}. ZhellocseZdZfddZdS)zQTLSMemoryBIOTests.test_writeUnicodeRaisesTypeError..SimpleSendingProtocolcsJz|jWntk r.dYnX|jd|jdS)NTbytes)rXr TypeErrorrTrYrRnotBytesresultr>r?rSs  z`TLSMemoryBIOTests.test_writeUnicodeRaisesTypeError..SimpleSendingProtocol.connectionMadeNrr>rr>r?rsrrcsdgSr)rxign)rr<r>r?rdrezDTLSMemoryBIOTests.test_writeUnicodeRaisesTypeError..)r,rr)r<rdr>)rrr<r? test_writeUnicodeRaisesTypeErrors  z2TLSMemoryBIOTests.test_writeUnicodeRaisesTypeErrorc sddddddddd g Gfd d d t}t}||_t}t|d |}|d }tttt t }fdd|_t }t|d|}|d }t ||t } fdd} | | | S)z If multiple separate TLS messages are received in a single chunk from the underlying transport, all of the application bytes from each message are delivered to the application-level protocol. abcdefghicseZdZfddZdS)zDTLSMemoryBIOTests.test_multipleWrites..SimpleSendingProtocolcsD]}|j|qdSr9r)r<brr>r?rSszSTLSMemoryBIOTests.test_multipleWrites..SimpleSendingProtocol.connectionMadeNrr>rr>r?rsrTNcsSr9r>r>rr>r?rdrez7TLSMemoryBIOTests.test_multipleWrites..FcsdjddSrrrrr>r?rsz?TLSMemoryBIOTests.test_multipleWrites..cbConnectionDone)r,r*rkr7r rmrOrUrVrWr-rr/r0r) r<rrprrqrrrrrrr>rr?test_multipleWritess2    z%TLSMemoryBIOTests.test_multipleWritesc sddGfdddt}t}||_t|d}t|d|}|d}ttt}fdd |_t |d}t|d |}|d} t | |} fd d } | | | S) z If a very long string is passed to L{TLSMemoryBIOProtocol.write}, any trailing part of it which cannot be send immediately is buffered and sent later. ricseZdZfddZdS)z:TLSMemoryBIOTests.hugeWrite..SimpleSendingProtocolcs|jdSr9rrRr[factorr>r?rSszITLSMemoryBIOTests.hugeWrite..SimpleSendingProtocol.connectionMadeNrr>rr>r?rsrr=TNcsSr9r>r>rr>r?rdrez-TLSMemoryBIOTests.hugeWrite..FcsdjdSrrrr[rr<rr>r?rsz5TLSMemoryBIOTests.hugeWrite..cbConnectionDone) r,r*rkr7r rmrOrWr-rr/r) r<r=rrprrqrrrrrrr>rr? hugeWrites4      zTLSMemoryBIOTests.hugeWritecCs|Sr9)rrRr>r>r?test_hugeWrite_TLSv1sz&TLSMemoryBIOTests.test_hugeWrite_TLSv1cCs |jtdSNr)rrrRr>r>r?test_hugeWrite_TLSv1_1sz(TLSMemoryBIOTests.test_hugeWrite_TLSv1_1cCs |jtdSr)rrrRr>r>r?test_hugeWrite_TLSv1_2sz(TLSMemoryBIOTests.test_hugeWrite_TLSv1_2csftt}fdd|_t}t|d|}|d}t}t|||j dd} |S)z~ If a L{TLSMemoryBIOProtocol} loses its connection unexpectedly, this is reported to the application. cstSr9r3r>rr>r?rdsz;TLSMemoryBIOTests.test_disorderlyShutdown..TNcSs|jttdSr9)rrrr'rbr>r>r?rszATLSMemoryBIOTests.test_disorderlyShutdown..cbDisconnected) r(r*rkr7r rmr,r/rXrYr)r<rprrqrrrr>rr?test_disorderlyShutdowns"     z)TLSMemoryBIOTests.test_disorderlyShutdownc sGdddt}tt}|fdd|_t\}}t|d|}|d}t|t}fdd|_t }t|d|}|d} t | |d d fd d } | | fd d} | | |S)z L{TLSMemoryBIOProtocol.loseConnection} sends a TLS close alert and shuts down the underlying connection cleanly on both sides, after transmitting all buffered data. c@seZdZddZddZdS)zNTLSMemoryBIOTests.test_loseConnectionAfterHandshake..NotifyingProtocolcSst||g|_dSr9)r4r@r[)r<ZonConnectionLostr>r>r?r@!szWTLSMemoryBIOTests.test_loseConnectionAfterHandshake..NotifyingProtocol.__init__cSs|j|dSr9)r[rTrZr>r>r?r\&sz[TLSMemoryBIOTests.test_loseConnectionAfterHandshake..NotifyingProtocol.dataReceivedN)rJrKrLr@r\r>r>r>r?NotifyingProtocol srcsSr9r>r>rbr>r?rd,rezETLSMemoryBIOTests.test_loseConnectionAfterHandshake..TNcsSr9r>r>rr>r?rd7reFs 123456890ics.jjdjtgS)Nx)rXrrYr)r) chunkOfBytesrrcrrr>r? cbHandshakeBs   zHTLSMemoryBIOTests.test_loseConnectionAfterHandshake..cbHandshakecsX|\}}|jt|jtd|j|jjj |jjj dSr) rrr&rxrr[rrXqZ disconnect)rrcr)rr<r>r?rTs   zMTLSMemoryBIOTests.test_loseConnectionAfterHandshake..cbConnectionDone) r4r(r*rkr7rCr rmr-rr/r) r<rrprrrqrrrrrrr>)rrrcr<rrr?!test_loseConnectionAfterHandshakes>      z3TLSMemoryBIOTests.test_loseConnectionAfterHandshakecCsGdddt}ttdt}|}t||}t}|||d||j | |j | t td||j t||j jjddS)zz The user protocol's connectionLost is only called when transport underlying TLS is disconnected. c@seZdZdZddZdS)zTTLSMemoryBIOTests.test_connectionLostOnlyAfterUnderlyingCloses..LostProtocolNcSs ||_dSr9) disconnectedr_r>r>r?raoszcTLSMemoryBIOTests.test_connectionLostOnlyAfterUnderlyingCloses..LostProtocol.connectionLost)rJrKrLrrar>r>r>r? LostProtocolmsrTNono)r)r,r rr*r r5rnZ_tlsShutdownFinishedr disconnecting assertIsNonerrarr'r]rxvalueargs)r<rrqrkrfrXr>r>r?,test_connectionLostOnlyAfterUnderlyingCloseshs     z>TLSMemoryBIOTests.test_connectionLostOnlyAfterUnderlyingClosescs||\}}}}||g|jffdd }||_|d|||j|dg||dg|S)z If TLSMemoryBIOProtocol.loseConnection is called multiple times, all but the first call have no effect. csd|SNrTZshutdowncallsr>r? _shutdownTLSs z@TLSMemoryBIOTests.test_loseConnectionTwice.._shutdownTLSrr)rZsuccessResultOfrrrYrrrx)r<rrrdisconnectDeferredrr>rr?test_loseConnectionTwices    z*TLSMemoryBIOTests.test_loseConnectionTwicecs\\}}}g|jffdd }|_d|fdd}|||S)zq If TLSMemoryBIOProtocol.loseConnection is called after connectionLost, it does nothing. csd|Sr rrrr>r?rs zNTLSMemoryBIOTests.test_loseConnectionAfterConnectionLost.._shutdownTLSrcs(dgdgdSr )rxrYrrr<rr>r?rszNTLSMemoryBIOTests.test_loseConnectionAfterConnectionLost..disconnected)rrrrYr)r<rrrrrr>rr?&test_loseConnectionAfterConnectionLosts   z8TLSMemoryBIOTests.test_loseConnectionAfterConnectionLostcs`\}}}|j}g}g|j|_j|_fdd}||fdd}|||S)zP Unexpected disconnects get converted to ConnectionLost errors. csdjdSNr)rrXrYrrr>r? handshakeDones z;TLSMemoryBIOTests.test_unexpectedEOF..handshakeDonecsdtddSNr)rr]r'rr`r<r>r?rsz:TLSMemoryBIOTests.test_unexpectedEOF..disconnected)rrrTr\rar)r<rrrrr[rrr>r`r<rr?test_unexpectedEOFs    z$TLSMemoryBIOTests.test_unexpectedEOFcsl\}}}gjj_Gdddt}|j_fdd}||fdd}|||S)zN Errors while writing cause the protocols to be disconnected. c@s$eZdZddZddZddZdS)z4TLSMemoryBIOTests.test_errorWriting..WrappercSs ||_dSr9)_wrapped)r<wrappedr>r>r?r@sz=TLSMemoryBIOTests.test_errorWriting..Wrapper.__init__cSs t|j|Sr9)getattrr )r<attrr>r>r? __getattr__sz@TLSMemoryBIOTests.test_errorWriting..Wrapper.__getattr__cWs tddS)NzONO!)r)r<r r>r>r?sendsz9TLSMemoryBIOTests.test_errorWriting..Wrapper.sendN)rJrKrLr@r$r%r>r>r>r?Wrappersr&csddSr)rrrr>r?rsz:TLSMemoryBIOTests.test_errorWriting..handshakeDonecsdtddSr)rr]rrrr>r?rsz9TLSMemoryBIOTests.test_errorWriting..disconnected)rrTrrarl_tlsConnectionr)r<rrrr&rrr>rr?test_errorWritings      z#TLSMemoryBIOTests.test_errorWritingc Csdd}|tjtGdddt}Gdddt}|t}||}t\}}t|dt |}tt d|d d t |} t t||t| ||t} ||} | | || | |d S) z TLSMemoryBIOProtocol doesn't leave circular references that keep it in memory after connection is closed. cstfddtDS)z Return the number of instances of a given type in memory. @param type: Type whose instances to find. @return: The number of instances found. c3s|]}t|rdVqdS)rN) isinstance).0xtyper>r? s zVTLSMemoryBIOTests.test_noCircularReferences..nObjectsOfType..)rUgcZ get_objectsr,r>r,r?nObjectsOfTypeszCTLSMemoryBIOTests.test_noCircularReferences..nObjectsOfTypec@seZdZddZdS)zCTLSMemoryBIOTests.test_noCircularReferences..CloserProtocolcSs|jdSr9)rXrYrZr>r>r?r\ szPTLSMemoryBIOTests.test_noCircularReferences..CloserProtocol.dataReceivedN)rJrKrLr\r>r>r>r?CloserProtocol sr1c@seZdZddZdS)zDTLSMemoryBIOTests.test_noCircularReferences..GreeterProtocolcSs|jddSrrrRr>r>r?rSszSTLSMemoryBIOTests.test_noCircularReferences..GreeterProtocol.connectionMadeNrr>r>r>r?GreeterProtocolsr2FrrTN)rvr/enabledisabler,r rr rr+rrr/rx) r<r0r1r2Z origTLSProtosZorigServerProtosrrrrpZ newTLSProtosZnewServerProtosr>r>r?test_noCircularReferencess4      z+TLSMemoryBIOTests.test_noCircularReferencesN) rJrKrLrMrrrrrrrrrrrrrrrrrrrrrrr rrrr(r5r>r>r>r?rCs8  2'.! ' &Nrc@seZdZdZd.ddZd/ddZdd Zd d Zd d ZddZ ddZ ddZ ddZ ddZ ddZddZddZddZd d!Zd"d#Zd$d%Zd&d'Zd(d)Zd*d+Zd,d-ZdS)0TLSProducerTestszA The TLS transport must support the IConsumer interface. FcCs(|}||t|p|d|S)a Drain the bytes currently pending write from a L{StringTransport}, then clear it, since those bytes have been consumed. @param transport: The L{StringTransport} to get the bytes from. @type transport: L{StringTransport} @param allowEmpty: Allow the test to pass even if the transport has no outgoing bytes in it. @type allowEmpty: L{bool} @return: the outgoing bytes from the given transport @rtype: L{bytes} T)r clearrxbool)r<rXZ allowEmptyr r>r>r?drain2szTLSProducerTests.drainNcCsNGdddt}t|||d\}}|}|j|d||jj|||fS)Nc@s,eZdZddZddZddZddZd S) zGTLSProducerTests.setupStreamingProducer..HistoryStringTransportcSst|g|_dSr9)r5r@producerHistoryrRr>r>r?r@Js zPTLSProducerTests.setupStreamingProducer..HistoryStringTransport.__init__cSs|jdt|dS)Npause)r:rTr5pauseProducingrRr>r>r?r<Ns zVTLSProducerTests.setupStreamingProducer..HistoryStringTransport.pauseProducingcSs|jdt|dS)Nresume)r:rTr5resumeProducingrRr>r>r?r>Rs zWTLSProducerTests.setupStreamingProducer..HistoryStringTransport.resumeProducingcSs|jdt|dS)Nstop)r:rTr5 stopProducingrRr>r>r?r@Vs zUTLSProducerTests.setupStreamingProducer..HistoryStringTransport.stopProducingN)rJrKrLr@r<r>r@r>r>r>r?HistoryStringTransportIsrA)rXrhroT)r5rsrXregisterProducerr streaming)r<rXrhrorAZapplicationProtocolrfproducerr>r>r?setupStreamingProducerGs z'TLSProducerTests.setupStreamingProducercCsztdD]H}||jd}|r(||||jd}|rD|||s|sqRq||jd||jddS)zJ Transfer bytes back and forth between two TLS protocols. TreN)ranger9rXr\rxr )r<rfserverTLSProtocoliZ clientDataZ serverDatar>r>r?flushTwoTLSProtocolscs   z%TLSProducerTests.flushTwoTLSProtocolsc Cs,|\}}}|jdd\}}}||||j}||t|j||| |j d}|j ||j || |j | |j } | dd| dd| ddfD]} || q| |j jd|j |||| |j jd| d |j|| |jd d gdS) z If we write some data to a TLS connection that is blocked waiting for a renegotiation with its peer, it will pause and resume its registered producer exactly once. TrospayloadrrNFrer;r=)rErJr'Z renegotiate assertRaisesr do_handshakeZ _flushSendBIOr\r9rXrrYrxrunregisterProducerrrQr:) r<cZctcpsstZspZtlscZpayloadZmessageThatUnblocksTheServerZfragmentr>r>r? test_producerDuringRenegotiationvs0          z1TLSProducerTests.test_producerDuringRenegotiationcCsJ|\}}}|jj||jd||jdg||jj dS)z When the TLS transport is not blocked on reads, it correctly calls pauseProducing on the registered producer. pausedr;N) rErXrDr<rx producerStater:r _producer_producerPausedr<rrfrDr>r>r?(test_streamingProducerPausedInNormalModes  z9TLSProducerTests.test_streamingProducerPausedInNormalModecCsh|\}}}|jj||jdg|jj||jd||jddg||j j dS)z When the TLS transport is not blocked on reads, it correctly calls resumeProducing on the registered producer. r; producingr=N) rErXrDr<rxr:r>rV assertFalserWrXrYr>r>r?)test_streamingProducerResumedInNormalModes  z:TLSProducerTests.test_streamingProducerResumedInNormalModecCsJ|\}}}|jd||jd||jdg||jjdS)z When the TLS transport is blocked on reads, it correctly calls pauseProducing on the registered producer. rrUr;N) rErXrrxrVr:rrWrXr<rcrfrDr>r>r?4test_streamingProducerPausedInWriteBlockedOnReadModes  zETLSProducerTests.test_streamingProducerPausedInWriteBlockedOnReadModecCs|\}}}|jdd||jdgtdd\}}|||||jddg||jj ||jj ||j ddS) z When the TLS transport is blocked on reads, it correctly calls resumeProducing on the registered producer. s hello worldir;TrKr=r[N) rErXrrxr:rsrJr\rWrXrrV)r<rcrfrDrrHr>r>r?5test_streamingProducerResumedInWriteBlockedOnReadModes zFTLSProducerTests.test_streamingProducerResumedInWriteBlockedOnReadModecCs@|\}}}|j}t}|t|jj|d||j|dS)zM Registering a streaming producer twice throws an exception. TN)rErWrlrM RuntimeErrorrXrBr)r<rcrfrDZoriginalProducerZ producer2r>r>r?test_streamingProducerTwicesz,TLSProducerTests.test_streamingProducerTwicecCs6|\}}}|j||j||jjdS)z\ Unregistering a streaming producer removes it, reverting to initial state. NrErXrOr rWrDr^r>r>r? test_streamingProducerUnregisters  z1TLSProducerTests.test_streamingProducerUnregistercCs@|\}}}|j|j||j||jjdS)zd Unregistering a streaming producer when no producer is registered is safe. Nrcr^r>r>r?%test_streamingProducerUnregisterTwices    z6TLSProducerTests.test_streamingProducerUnregisterTwicecCs|\}}}tdd\}}|s.|||n|jd|j|||||jj|d|jk|jd|j ddg|j | |j d||jj|jd |j d g|||| |jj|d|jd d S) zl Common code for tests involving writes by producer after loseConnection is called. TrKsx r?r rreswon'tswon't!s x hello worldN)rErsrJrXrrYr\rr:rrOZassertNotEqualr rrxrrQ)r<ZwriteBlockedOnReadrcrfrDrrHr>r>r?loseConnectionWithProducers&       z+TLSProducerTests.loseConnectionWithProducercCs |dS)z loseConnection() waits for the producer to unregister itself, then does a clean TLS close alert, then closes the underlying connection. FrgrRr>r>r?0test_streamingProducerLoseConnectionWithProducer9szATLSProducerTests.test_streamingProducerLoseConnectionWithProducercCs |dS)z Even when writes are blocked on reading, loseConnection() waits for the producer to unregister itself, then does a clean TLS close alert, then closes the underlying connection. TrhrRr>r>r?4test_streamingProducerLoseConnectionWithProducerWBORAszETLSProducerTests.test_streamingProducerLoseConnectionWithProducerWBORcCsGdddt}Gdddt}|}|j||d\}}}||jd|jd||jd||jd g|jj ||jd||jd d g| d||jd||jd d gd S) z pauseProducing() events can come from both the TLS transport layer and the underlying transport. In this case, both decide to pause, underlying first. c@seZdZdZddZdS)zbTLSProducerTests.test_streamingProducerBothTransportsDecideToPause..PausingStringTransportFcSs0|js |jdk r d|_|jt||dSr) _didPauserDr<r5rrZr>r>r?rSs zhTLSProducerTests.test_streamingProducerBothTransportsDecideToPause..PausingStringTransport.writeN)rJrKrLrkrr>r>r>r?PausingStringTransportPsrlc@sDeZdZddZddZddZddZd d Zd d Zd dZ dS)zYTLSProducerTests.test_streamingProducerBothTransportsDecideToPause..TLSConnectioncSs g|_dSr9)lrRr>r>r?r@[szbTLSProducerTests.test_streamingProducerBothTransportsDecideToPause..TLSConnection.__init__cSsF|js|dd}t|jdkr2|jdt|j|t|S)NrrU)rmrWrTrrZr>r>r?r%^s   z^TLSProducerTests.test_streamingProducerBothTransportsDecideToPause..TLSConnection.sendcSsdSr9r>rRr>r>r?set_connect_statejszkTLSProducerTests.test_streamingProducerBothTransportsDecideToPause..TLSConnection.set_connect_statecSsdSr9r>rRr>r>r?rNmszfTLSProducerTests.test_streamingProducerBothTransportsDecideToPause..TLSConnection.do_handshakecSsdSr9r>rZr>r>r? bio_writepszcTLSProducerTests.test_streamingProducerBothTransportsDecideToPause..TLSConnection.bio_writecSsdS)NXr>r<sizer>r>r?bio_readsszbTLSProducerTests.test_streamingProducerBothTransportsDecideToPause..TLSConnection.bio_readcSs tdSr9)rrrr>r>r?recvvsz^TLSProducerTests.test_streamingProducerBothTransportsDecideToPause..TLSConnection.recvN) rJrKrLr@r%rorNrprtrur>r>r>r? TLSConnectionZs rvrgr[rrUr;r=N) r5rlrErxrVrXrr:rDr>r\)r<rlrvrXrcrfrDr>r>r?1test_streamingProducerBothTransportsDecideToPauseJs"     zBTLSProducerTests.test_streamingProducerBothTransportsDecideToPausecCs,|\}}}|jj||jddS)z If the underlying transport tells its producer to stopProducing(), this is passed on to the high-level producer. stoppedN)rErXrDr@rxrVrYr>r>r?#test_streamingProducerStopProducings z4TLSProducerTests.test_streamingProducerStopProducingcst\}t|j|jdjjjtjj |j jj fdd}j |tdd\}}|j S)zM Non-streaming producers get wrapped as streaming producers. Fcs*jjjjdSr9)r consumerrXrDrr:ignorerDr<streamingProducerrfr>r?dones z8TLSProducerTests.test_nonStreamingProducer..doneTrK)rsr6rXrBrDrWrr rxZ _consumerrrCrrrJ)r<rcrrrHr>r}r?test_nonStreamingProducers      z*TLSProducerTests.test_nonStreamingProducercCs"t}t|}|tt|dS)zC L{_ProducerMembrane} implements L{IPushProducer}. N)r5r rrr!)r<rDZmembraner>r>r?test_interfaceszTLSProducerTests.test_interfacecCsdt\}}dd|_Gdddt}|tt|}||d||jj| |j dS)z If a producer is registered after the transport has disconnected, the producer is not used, and its stopProducing method is called. cSs |ttSr9)rrr'r`r>r>r?rdszFTLSProducerTests.registerProducerAfterConnectionLost..c@s eZdZdZddZddZdS)zFTLSProducerTests.registerProducerAfterConnectionLost..ProducerFcSsddS)Nrrr>rRr>r>r?r>szVTLSProducerTests.registerProducerAfterConnectionLost..Producer.resumeProducingcSs d|_dSr)rxrRr>r>r?r@szTTLSProducerTests.registerProducerAfterConnectionLost..Producer.stopProducingN)rJrKrLrxr>r@r>r>r>r?ProducersrFN) rsrarlrr&rBr rXrDrrx)r<rCrcrfrrDr>r>r?#registerProducerAfterConnectionLosts    z4TLSProducerTests.registerProducerAfterConnectionLostcCs|ddS)z If a streaming producer is registered after the transport has disconnected, the producer is not used, and its stopProducing method is called. TNrrRr>r>r?)test_streamingProducerAfterConnectionLostsz:TLSProducerTests.test_streamingProducerAfterConnectionLostcCs|ddS)z If a non-streaming producer is registered after the transport has disconnected, the producer is not used, and its stopProducing method is called. FNrrRr>r>r?,test_nonStreamingProducerAfterConnectionLostsz=TLSProducerTests.test_nonStreamingProducerAfterConnectionLost)F)NNF)rJrKrLrMr9rErJrTrZr]r_r`rbrdrergrirjrwryrrrrrr>r>r>r?r6-s0  %   1 G    r6c@s`eZdZdZddZddZddZdd Zd d Zd d Z ddZ ddZ ddZ ddZ dS)NonStreamingProducerTestszP Non-streaming producers can be adapted into being streaming producers. csbt}t|djffdd }|_|j}fdd}|||S)zd Verify the consumer writes out all its data, but is not called after that. Tcs|dSr9 stopStreamingZorigr~r>r? unregistersz.unregistercs,djjdS)Ns 0123456789)rxr r rDrr:rrzr<r~r>r? doneStreaming s z?NonStreamingProducerTests.streamUntilEnd..doneStreaming)r6r rBrOrrstartStreaming)r<rz nsProducerrrrr>rr?streamUntilEnds   z(NonStreamingProducerTests.streamUntilEndcCst}||S)z When converted to a streaming producer, the non-streaming producer writes out all its data, but is not called after that. r5r)r<rzr>r>r?test_writeUntilDonesz-NonStreamingProducerTests.test_writeUntilDonecsvGdddt}|}t|}t|||dfdd}|j||j}fdd}|||S)z} When the streaming producer is paused, the underlying producer stops getting resumeProducing calls. c@s eZdZdZddZddZdS)zDNonStreamingProducerTests.test_pause..PausingStringTransportrcSst|t|_dSr9)r5r@r(rUrRr>r>r?r@*s zMNonStreamingProducerTests.test_pause..PausingStringTransport.__init__cSsF|jd7_t|||jdkrB|j|j}|`|ddSNrrF)writesr5rrDr<rUrE)r<r[rr>r>r?r.s   zJNonStreamingProducerTests.test_pause..PausingStringTransport.writeN)rJrKrLrr@rr>r>r>r?rl'srlTcsddS)Nz$BUG: The producer should not finish!)Zfailr{rRr>r?shouldNotBeCalled>sz?NonStreamingProducerTests.test_pause..shouldNotBeCalledcsjjddSr )rx _coopTaskZ _pauseCountr{r<r~r>r?rUCsz4NonStreamingProducerTests.test_pause..paused)r5r6r rBrrrUr)r<rlrzrrrrUr>rr? test_pause"s     z$NonStreamingProducerTests.test_pausecCs Gdddt}|}||S)a When the streaming producer is paused and then resumed, the underlying producer starts getting resumeProducing calls again after the resume. The test will never finish (or rather, time out) if the resume producing call is not working. c@seZdZdZddZdS)zENonStreamingProducerTests.test_resume..PausingStringTransportrcSs<|jd7_t|||jdkr8|j|jdSr)rr5rrDr<r>rZr>r>r?rXs    zKNonStreamingProducerTests.test_resume..PausingStringTransport.writeNrJrKrLrrr>r>r>r?rlUsrlr)r<rlrzr>r>r? test_resumeMs z%NonStreamingProducerTests.test_resumecsbGdddt}|ttdj}fdd}|||S)z When the streaming producer is stopped by the consumer, the underlying producer is stopped, and streaming is stopped. c@seZdZdZddZdS)zMNonStreamingProducerTests.test_stopProducing..StoppingStringTransportrcSs2|jd7_t|||jdkr.|jdSr)rr5rrDr@rZr>r>r?rks  zSNonStreamingProducerTests.test_stopProducing..StoppingStringTransport.writeNrr>r>r>r?StoppingStringTransporthsrTcs,djjdS)Ns012)rxr rrxr:rrzrr<r~r>r?rws zCNonStreamingProducerTests.test_stopProducing..doneStreaming)r5r6r rBrrr)r<rrrr>rr?test_stopProducingcs    z,NonStreamingProducerTests.test_stopProducingcsGdddt}|}t|dgtjtjjjffdd }|_ j }| ddfdd }| ||S) z Common implementation for tests where the underlying producer throws an exception when its resumeProducing is called. c@seZdZddZdS)zINonStreamingProducerTests.resumeProducingRaises..ThrowingProducercSs |jdkrddSt|dS)NrLrr)Zcounterr6r>rRr>r>r?r>s zYNonStreamingProducerTests.resumeProducingRaises..ThrowingProducer.resumeProducingN)rJrKrLr>r>r>r>r?ThrowingProducersrTcs|dSr9rrrr>r?rszCNonStreamingProducerTests.resumeProducingRaises..unregistercSs |tSr9)rr.rr>r>r?rdrezANonStreamingProducerTests.resumeProducingRaises..csxd}t|tt|D].\}\}}}||||dq8jdS)Ns01Zwhy) rxr ZflushLoggedErrorsrWziprr]ZassertInr:)rerrorsfZexpectedmsgZlogMsgrzexpectedExceptionsZ loggedMsgsr<r~r>r?rxsz@NonStreamingProducerTests.resumeProducingRaises..stopped)r6r rBrrurTrvrwrOrrZwhenDoneZ addErrbackr)r<rzrrrrrrxr>rr?resumeProducingRaisess     z/NonStreamingProducerTests.resumeProducingRaisescs4ttdfg}fdd}|||S)z If the underlying producer raises an exception when resumeProducing is called, the streaming wrapper should log the error, unregister from the consumer and stop streaming. !failed, producing will be stoppedcsjdSr9)r rDr{rzr<r>r? cleanShutdownszKNonStreamingProducerTests.test_resumeProducingRaises..cleanShutdown)r5rZeroDivisionErrorr)r<rrr>rr?test_resumeProducingRaisess z4NonStreamingProducerTests.test_resumeProducingRaisescCs,t}dd}||_||tdftdfgS)a If the underlying producer raises an exception when resumeProducing is called, the streaming wrapper should log the error, unregister from the consumer and stop streaming even if the unregisterProducer call also raise. cSs tdSr9)rar>r>r>r?raisersz^NonStreamingProducerTests.test_resumeProducingRaiseAndUnregisterProducerRaises..raiserrzfailed to unregister producer)r5rOrrra)r<rzrr>r>r?4test_resumeProducingRaiseAndUnregisterProducerRaisesszNNonStreamingProducerTests.test_resumeProducingRaiseAndUnregisterProducerRaisescCs@t}t|}t||}|||||jdS)z stopStreaming() can be called more than once without blowing up. This is useful for error-handling paths. N)r5r6r rrrr:r<rzrr~r>r>r?test_stopStreamingTwices z1NonStreamingProducerTests.test_stopStreamingTwicecCs,t}t|}t||}|tt|dS)z= L{_PullToPush} implements L{IPushProducer}. N)r5r6r rrr!rr>r>r?rs z(NonStreamingProducerTests.test_interfaceN)rJrKrLrMrrrrrrrrrrr>r>r>r?rs  +!0rc@s eZdZdZddZddZdS)ClientNegotiationFactoryza A L{ClientFactory} that has a set of acceptable protocols for NPN/ALPN negotiation. cCs ||_dS)z Create a L{ClientNegotiationFactory}. @param acceptableProtocols: The protocols the client will accept speaking after the TLS handshake is complete. @type acceptableProtocols: L{list} of L{bytes} NZ_acceptableProtocolsr<acceptableProtocolsr>r>r?r@sz!ClientNegotiationFactory.__init__cCs|jSa Returns a list of protocols that can be spoken by the connection factory in the form of ALPN tokens, as laid out in the IANA registry for ALPN tokens. @return: a list of ALPN tokens in order of preference. @rtype: L{list} of L{bytes} rrRr>r>r?rs z,ClientNegotiationFactory.acceptableProtocolsNrJrKrLrMr@rr>r>r>r?rs rc@s eZdZdZddZddZdS)ServerNegotiationFactoryza A L{ServerFactory} that has a set of acceptable protocols for NPN/ALPN negotiation. cCs ||_dS)z Create a L{ServerNegotiationFactory}. @param acceptableProtocols: The protocols the server will accept speaking after the TLS handshake is complete. @type acceptableProtocols: L{list} of L{bytes} Nrrr>r>r?r@sz!ServerNegotiationFactory.__init__cCs|jSrrrRr>r>r?rs z,ServerNegotiationFactory.acceptableProtocolsNrr>r>r>r?r s rc@s8eZdZdZddZddZddZdd Zd d Zd S) IProtocolNegotiationFactoryTestsa Tests for L{IProtocolNegotiationFactory} inside L{TLSMemoryBIOFactory}. These tests expressly don't include the case where both server and client advertise protocols but don't have any overlap. This is because the behaviour here is platform-dependent and changes from version to version. Prior to version 1.1.0 of OpenSSL, failing the ALPN negotiation does not fail the handshake. At least in 1.0.2h, failing NPN *does* fail the handshake, at least with the callback implemented by PyOpenSSL. This is sufficiently painful to test that we simply don't. It's not necessary to validate that our offering logic works anyway: all we need to see is that it works in the successful case and that it degrades properly. c sdGfdddttt|}fdd|_t\}}t|d|}|d}tt|}fdd|_t } t| d |}|d} t | ||| fS) a9 Start handshake between TLS client and server. @param clientProtocols: The protocols the client will accept speaking after the TLS handshake is complete. @type clientProtocols: L{list} of L{bytes} @param serverProtocols: The protocols the server will accept speaking after the TLS handshake is complete. @type serverProtocols: L{list} of L{bytes} @return: A L{tuple} of four different items: the client L{Protocol}, the server L{Protocol}, a L{Deferred} that fires when the client first receives bytes (and so the TLS connection is complete), and a L{Deferred} that fires when the server first receives bytes. @rtype: A L{tuple} of (L{Protocol}, L{Protocol}, L{Deferred}, L{Deferred}) rcs(eZdZddZfddZddZdS)zLIProtocolNegotiationFactoryTests.handshakeProtocols..NotifyingSendercSs ||_dSr9)notifier)r<rr>r>r?r@PszUIProtocolNegotiationFactoryTests.handshakeProtocols..NotifyingSender.__init__cs|jttdSr9rrRrr>r?rSSsz[IProtocolNegotiationFactoryTests.handshakeProtocols..NotifyingSender.connectionMadecSs |jdk r|j|d|_dSr9)rrErZr>r>r?r\Vs  zYIProtocolNegotiationFactoryTests.handshakeProtocols..NotifyingSender.dataReceivedN)rJrKrLr@rSr\r>rr>r?NotifyingSenderOs rcsSr9r>r>)rclientDataReceivedr>r?rd^szEIProtocolNegotiationFactoryTests.handshakeProtocols..TNcsSr9r>r>)rserverDataReceivedr>r?rdjsF) r,r(rrkr7rCr rmrrr/) r<ZclientProtocolsZserverProtocolsrprrrqrrrrr>)rrr[rr?r:s<   z3IProtocolNegotiationFactoryTests.handshakeProtocolscsDgg\}fdd}|fdd||S)z When factories support L{IProtocolNegotiationFactory} but don't advertise support for any protocols, no protocols are negotiated. cs jdjddSr9rxZnegotiatedProtocolrrr<ror>r?checkNegotiatedProtocolszaIProtocolNegotiationFactoryTests.test_negotiationWithNoProtocols..checkNegotiatedProtocolcsSr9r>rrr>r?rdrezRIProtocolNegotiationFactoryTests.test_negotiationWithNoProtocols..rrr<rrr>rr<rorr?test_negotiationWithNoProtocolszs   z@IProtocolNegotiationFactoryTests.test_negotiationWithNoProtocolscsLddgddg\}fdd}|fdd||S)z When factories support L{IProtocolNegotiationFactory} and support overlapping protocols, the first protocol is negotiated. h2http/1.1cs jdjddS)Nrrrrr>r?rszeIProtocolNegotiationFactoryTests.test_negotiationWithProtocolOverlap..checkNegotiatedProtocolcsSr9r>rrr>r?rdrezVIProtocolNegotiationFactoryTests.test_negotiationWithProtocolOverlap..rrr>rr?#test_negotiationWithProtocolOverlaps   zDIProtocolNegotiationFactoryTests.test_negotiationWithProtocolOverlapcsHddgg\}fdd}|fdd||S)z When factories support L{IProtocolNegotiationFactory} and only the client advertises, nothing is negotiated. rrcs jdjddSr9rrrr>r?rsz\IProtocolNegotiationFactoryTests.test_negotiationClientOnly..checkNegotiatedProtocolcsSr9r>rrr>r?rdrezMIProtocolNegotiationFactoryTests.test_negotiationClientOnly..rrr>rr?test_negotiationClientOnlys   z;IProtocolNegotiationFactoryTests.test_negotiationClientOnlycsHgddg\}fdd}|fdd||S)z When factories support L{IProtocolNegotiationFactory} and only the server advertises, nothing is negotiated. rrcs jdjddSr9rrrr>r?rsz\IProtocolNegotiationFactoryTests.test_negotiationServerOnly..checkNegotiatedProtocolcsSr9r>rrr>r?rdrezMIProtocolNegotiationFactoryTests.test_negotiationServerOnly..rrr>rr?test_negotiationServerOnlys   z;IProtocolNegotiationFactoryTests.test_negotiationServerOnlyN) rJrKrLrMrrrrrr>r>r>r?r+s @r)FNN)NF)[rMZ __future__rrr/Zzope.interface.verifyrZzope.interfacerrrZtwisted.python.compatrZtwisted.protocols.tlsr r r r ZOpenSSL.cryptor Z OpenSSL.SSLrrrrrrr ImportErrorskipZtwisted.internet.sslrrZtwisted.test.ssl_helpersrrrZtwisted.test.test_sslverifyrZtwisted.test.iosimrZtwisted.python.filepathrZtwisted.python.failurerZtwisted.pythonrZtwisted.internet.interfacesrr r!r"r#r$r%Ztwisted.internet.errorr&r'Ztwisted.internet.deferr(r)Ztwisted.internet.protocolr*r+r,r-Ztwisted.internet.taskr.Ztwisted.protocols.loopbackr/r0Ztwisted.trial.unittestr1r2Ztwisted.test.test_tcpr4Ztwisted.test.proto_helpersr5r6r7rOrsrtrrrr6rrrrr>r>r>r?sl   (     $  2 "3 :(oJ|