From 37b54a2c02e425125a2418b423747316a5909272 Mon Sep 17 00:00:00 2001 From: Mark Williams Date: Sun, 11 Jun 2017 02:33:10 -0700 Subject: [PATCH 1/3] test_ssl_hostname_verification honors its docstring. It asserts that the created Agent received an instance of twisted.internet.ssl.VerifyingContextFactory. This fixes an issue caused by Twisted 17.1.0 and later's use of HostnameEndpoint within t.w.client.Agent. This test should be deleted as part of the deprecation process described in #47 (TLS support includes root certificate management code that should be handled elsewhere). --- txaws/client/tests/test_base.py | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/txaws/client/tests/test_base.py b/txaws/client/tests/test_base.py index c2530f39..4d9de5e5 100644 --- a/txaws/client/tests/test_base.py +++ b/txaws/client/tests/test_base.py @@ -14,7 +14,7 @@ import attr -from twisted.internet import reactor +from twisted.internet import reactor, ssl from twisted.internet.defer import Deferred from twisted.internet.error import ConnectionRefusedError from twisted.protocols.policies import WrappingFactory @@ -41,6 +41,8 @@ from txaws.service import AWSServiceEndpoint from txaws.testing.producers import StringBodyProducer +from zope.interface.verify import verifyClass + class URLContextTests(TestCase): """ @@ -268,25 +270,30 @@ def test_ssl_hostname_verification(self): sets to C{True}, a L{VerifyingContextFactory} is passed to C{connectSSL}. """ + agent_creations = [] - class FakeReactor(object): + @implementer(IAgent) + class FakeAgent(object): + def __init__(self, reactor, contextFactory, + connectTimeout=None, bindAddress=None, pool=None): + agent_creations.append((reactor, contextFactory, + connectTimeout, bindAddress, pool)) - def __init__(self): - self.connects = [] + def request(self, method, uri, headers=None, bodyProducer=None): + return Deferred() - def connectSSL(self, host, port, factory, contextFactory, timeout, - bindAddress): - self.connects.append((host, port, factory, contextFactory)) + verifyClass(IAgent, FakeAgent) certs = [makeCertificate(O="Test Certificate", CN="something")[1]] + self.patch(base, "Agent", FakeAgent) self.patch(ssl, "_ca_certs", certs) - fake_reactor = FakeReactor() endpoint = AWSServiceEndpoint(ssl_hostname_verification=True) - query = BaseQuery("an action", "creds", endpoint, fake_reactor) + query = BaseQuery("an action", "creds", endpoint, reactor="ignored") query.get_page("https://example.com/file") - [(host, port, factory, contextFactory)] = fake_reactor.connects - self.assertEqual("example.com", host) - self.assertEqual(443, port) + + self.assertEqual(len(agent_creations), 1) + [(_, contextFactory, _, _, _)] = agent_creations + self.assertIsInstance(contextFactory, ssl.VerifyingContextFactory) class StreamingBodyReceiverTestCase(TestCase): From ee7a8887db5c30d2c2e8422c56fb0d556118942a Mon Sep 17 00:00:00 2001 From: Mark Williams Date: Sun, 11 Jun 2017 02:45:11 -0700 Subject: [PATCH 2/3] Add newsfragment. --- txaws/newsfragments/72.misc | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 txaws/newsfragments/72.misc diff --git a/txaws/newsfragments/72.misc b/txaws/newsfragments/72.misc new file mode 100644 index 00000000..e69de29b From b08a5e802ae93eff249bf4c0416dc02c2df2d4a0 Mon Sep 17 00:00:00 2001 From: Mark Williams Date: Sun, 11 Jun 2017 02:47:52 -0700 Subject: [PATCH 3/3] Fixing test_ssl_hostname_verification allows Twisted 17.1.0. Also, Twisted 17.5.0 is out now and causes the same issue, so this constraint is no longer helpful. --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index b0d07daa..6482d85c 100644 --- a/setup.py +++ b/setup.py @@ -10,7 +10,7 @@ try: from setuptools import find_packages extra_setup_args['install_requires'] = [ - 'attrs', 'python-dateutil', 'twisted[tls]>=15.5.0,!=17.1.0', 'venusian', 'lxml', + 'attrs', 'python-dateutil', 'twisted[tls]>=15.5.0', 'venusian', 'lxml', 'incremental', 'pyrsistent', 'constantly', ] except ImportError: