diff options
| author | Andrei Zeliankou <zelenkov@nginx.com> | 2023-06-14 18:20:09 +0100 |
|---|---|---|
| committer | Andrei Zeliankou <zelenkov@nginx.com> | 2023-06-14 18:20:09 +0100 |
| commit | c183bd8749a19477390f8cb77efe5f6d223f0905 (patch) | |
| tree | 4e821e9cb07be9a86bf2d442acb3ea6740ba5a99 /test/test_reconfigure_tls.py | |
| parent | c6d05191a069ac150cc8eb2bece75cf79c0a465a (diff) | |
| download | unit-c183bd8749a19477390f8cb77efe5f6d223f0905.tar.gz unit-c183bd8749a19477390f8cb77efe5f6d223f0905.tar.bz2 | |
Tests: get rid of classes in test files.
Class usage came from the unittest framework and it was always redundant
after migration to the pytest. This commit removes classes from files
containing tests to make them more readable and understandable.
Diffstat (limited to 'test/test_reconfigure_tls.py')
| -rw-r--r-- | test/test_reconfigure_tls.py | 151 |
1 files changed, 79 insertions, 72 deletions
diff --git a/test/test_reconfigure_tls.py b/test/test_reconfigure_tls.py index 310f800a..b473b147 100644 --- a/test/test_reconfigure_tls.py +++ b/test/test_reconfigure_tls.py @@ -3,103 +3,110 @@ import ssl import time import pytest -from unit.applications.tls import TestApplicationTLS +from unit.applications.tls import ApplicationTLS prerequisites = {'modules': {'openssl': 'any'}} +client = ApplicationTLS() -class TestReconfigureTLS(TestApplicationTLS): - @pytest.fixture(autouse=True) - def setup_method_fixture(self): - if 'HAS_TLSv1_2' not in dir(ssl) or not ssl.HAS_TLSv1_2: - pytest.skip('OpenSSL too old') - self.certificate() +@pytest.fixture(autouse=True) +def setup_method_fixture(): + if 'HAS_TLSv1_2' not in dir(ssl) or not ssl.HAS_TLSv1_2: + pytest.skip('OpenSSL too old') - assert 'success' in self.conf( - { - "listeners": { - "*:7080": { - "pass": "routes", - "tls": {"certificate": "default"}, - } - }, - "routes": [{"action": {"return": 200}}], - "applications": {}, - } - ), 'load application configuration' + client.certificate() - def create_socket(self): - ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) - ctx.check_hostname = False - ctx.verify_mode = ssl.CERT_NONE + assert 'success' in client.conf( + { + "listeners": { + "*:7080": { + "pass": "routes", + "tls": {"certificate": "default"}, + } + }, + "routes": [{"action": {"return": 200}}], + "applications": {}, + } + ), 'load application configuration' - s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - ssl_sock = ctx.wrap_socket( - s, server_hostname='localhost', do_handshake_on_connect=False - ) - ssl_sock.connect(('127.0.0.1', 7080)) - return ssl_sock +def create_socket(): + ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + ctx.check_hostname = False + ctx.verify_mode = ssl.CERT_NONE - def clear_conf(self): - assert 'success' in self.conf({"listeners": {}, "applications": {}}) + s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + ssl_sock = ctx.wrap_socket( + s, server_hostname='localhost', do_handshake_on_connect=False + ) + ssl_sock.connect(('127.0.0.1', 7080)) - @pytest.mark.skip('not yet') - def test_reconfigure_tls_switch(self): - assert 'success' in self.conf_delete('listeners/*:7080/tls') + return ssl_sock - (_, sock) = self.get( - headers={'Host': 'localhost', 'Connection': 'keep-alive'}, - start=True, - read_timeout=1, - ) - assert 'success' in self.conf( - {"pass": "routes", "tls": {"certificate": "default"}}, - 'listeners/*:7080', - ) +def clear_conf(): + assert 'success' in client.conf({"listeners": {}, "applications": {}}) - assert self.get(sock=sock)['status'] == 200, 'reconfigure' - assert self.get_ssl()['status'] == 200, 'reconfigure tls' - def test_reconfigure_tls(self): - ssl_sock = self.create_socket() +@pytest.mark.skip('not yet') +def test_reconfigure_tls_switch(): + assert 'success' in client.conf_delete('listeners/*:7080/tls') - ssl_sock.sendall("""GET / HTTP/1.1\r\n""".encode()) + (_, sock) = client.get( + headers={'Host': 'localhost', 'Connection': 'keep-alive'}, + start=True, + read_timeout=1, + ) - self.clear_conf() + assert 'success' in client.conf( + {"pass": "routes", "tls": {"certificate": "default"}}, + 'listeners/*:7080', + ) - ssl_sock.sendall( - """Host: localhost\r\nConnection: close\r\n\r\n""".encode() - ) + assert client.get(sock=sock)['status'] == 200, 'reconfigure' + assert client.get_ssl()['status'] == 200, 'reconfigure tls' - assert ( - self.recvall(ssl_sock).decode().startswith('HTTP/1.1 200 OK') - ), 'finish request' - def test_reconfigure_tls_2(self): - ssl_sock = self.create_socket() +def test_reconfigure_tls(): + ssl_sock = create_socket() - # Waiting for connection completion. - # Delay should be more than TCP_DEFER_ACCEPT. - time.sleep(1.5) + ssl_sock.sendall("""GET / HTTP/1.1\r\n""".encode()) - self.clear_conf() + clear_conf() - try: - ssl_sock.do_handshake() - except ssl.SSLError: - ssl_sock.close() - success = True + ssl_sock.sendall( + """Host: localhost\r\nConnection: close\r\n\r\n""".encode() + ) - if not success: - pytest.fail('Connection is not closed.') + assert ( + client.recvall(ssl_sock).decode().startswith('HTTP/1.1 200 OK') + ), 'finish request' - def test_reconfigure_tls_3(self): - ssl_sock = self.create_socket() + +def test_reconfigure_tls_2(): + ssl_sock = create_socket() + + # Waiting for connection completion. + # Delay should be more than TCP_DEFER_ACCEPT. + time.sleep(1.5) + + clear_conf() + + try: ssl_sock.do_handshake() + except ssl.SSLError: + ssl_sock.close() + success = True + + if not success: + pytest.fail('Connection is not closed.') + + +def test_reconfigure_tls_3(): + ssl_sock = create_socket() + ssl_sock.do_handshake() - self.clear_conf() + clear_conf() - assert self.get(sock=ssl_sock)['status'] == 408, 'request timeout' + assert client.get(sock=ssl_sock)['status'] == 408, 'request timeout' |