File test_ssl.patch of Package saltbundlepy-m2crypto
diff -urN M2Crypto-0.35.2.orig/tests/test_ssl.py M2Crypto-0.35.2/tests/test_ssl.py
--- M2Crypto-0.35.2.orig/tests/test_ssl.py 2021-03-10 15:32:16.986467989 +0300
+++ M2Crypto-0.35.2/tests/test_ssl.py 2021-03-10 16:10:01.466608064 +0300
@@ -32,7 +32,7 @@
import warnings
from M2Crypto import (Err, Rand, SSL, X509, ftpslib, httpslib, m2, m2urllib,
- m2urllib2, m2xmlrpclib, py27plus, six)
+ m2urllib2, m2xmlrpclib, six)
from M2Crypto.SSL.timeout import DEFAULT_TIMEOUT
from tests import unittest
from tests.fips import fips_mode
@@ -59,8 +59,13 @@
def verify_cb_new_function(ok, store):
- assert not ok
err = store.get_error()
+ # If err is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, then instead of
+ # aborting, this callback is called to retrieve additional error
+ # information. In this case, ok might not be False.
+ # See https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
+ if err != m2.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ assert not ok
assert err in [m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
m2.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
m2.X509_V_ERR_CERT_UNTRUSTED,
@@ -397,6 +402,7 @@
# TLS is required in FIPS mode
@unittest.skipIf(fips_mode, "Can't be run in FIPS mode")
+ @unittest.skipIf(OPENSSL111, "Doesn't work with OpenSSL 1.1.1")
def test_tls1_nok(self):
self.args.append('-no_tls1')
pid = self.start_server(self.args)
@@ -412,6 +418,7 @@
finally:
self.stop_server(pid)
+ @unittest.skipIf(OPENSSL111, "Doesn't work with OpenSSL 1.1.1")
def test_tls1_ok(self):
self.args.append('-tls1')
pid = self.start_server(self.args)
@@ -618,7 +625,12 @@
def verify_cb_old(self, ctx_ptr, x509_ptr, err, depth, ok):
try:
- self.assertFalse(ok)
+ # If err is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, then instead of
+ # aborting, this callback is called to retrieve additional error
+ # information. In this case, ok might not be False.
+ # See https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
+ if err != m2.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ self.assertFalse(ok)
self.assertIn(err,
[m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
m2.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
@@ -1047,8 +1059,6 @@
self.stop_server(pid)
-@unittest.skipUnless(py27plus,
- "Twisted doesn't test well with Python 2.6")
class TwistedSSLClientTestCase(BaseSSLClientTestCase):
def test_timeout(self):
@@ -1211,21 +1221,20 @@
def suite():
suite = unittest.TestSuite()
- suite.addTest(unittest.makeSuite(SessionTestCase))
- suite.addTest(unittest.makeSuite(XmlRpcLibTestCase))
- suite.addTest(unittest.makeSuite(FtpsLibTestCase))
- suite.addTest(unittest.makeSuite(PassSSLClientTestCase))
- suite.addTest(unittest.makeSuite(HttpslibSSLClientTestCase))
- suite.addTest(unittest.makeSuite(HttpslibSSLSNIClientTestCase))
- suite.addTest(unittest.makeSuite(UrllibSSLClientTestCase))
- suite.addTest(unittest.makeSuite(Urllib2SSLClientTestCase))
- suite.addTest(unittest.makeSuite(Urllib2TEChunkedSSLClientTestCase))
- suite.addTest(unittest.makeSuite(MiscSSLClientTestCase))
- suite.addTest(unittest.makeSuite(FtpslibTestCase))
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(SessionTestCase))
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(XmlRpcLibTestCase))
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(FtpsLibTestCase))
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(PassSSLClientTestCase))
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(HttpslibSSLClientTestCase))
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(HttpslibSSLSNIClientTestCase))
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(UrllibSSLClientTestCase))
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(Urllib2SSLClientTestCase))
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(Urllib2TEChunkedSSLClientTestCase))
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(MiscSSLClientTestCase))
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(FtpslibTestCase))
try:
- if py27plus:
- import M2Crypto.SSL.TwistedProtocolWrapper as wrapper # noqa
- suite.addTest(unittest.makeSuite(TwistedSSLClientTestCase))
+ import M2Crypto.SSL.TwistedProtocolWrapper as wrapper # noqa
+ suite.addTest(unittest.TestLoader().loadTestsFromTestCase(TwistedSSLClientTestCase))
except ImportError:
pass
return suite