python/httpie-cli
1
0
Fork 0
mirror of https://github.com/httpie/cli.git synced 2026-04-26 20:02:11 +02:00
Code Activity

Quieten ssl tests (#952)

Browse Source 
* Add skip when required TLS version unsupported

Allow tests to skip, rather than fail from SSL errors with unsupported
TLS version, e.g. if Openssl is configured with MinProtocol higher than
the version being tested.

* Regenerate test certificate and key

Regenerate these with more secure settings for the sake of future
proofing, regenerate the key using RSA 4096 and sign the certificate
with SHA512.

This fixes test failures in tests/test_ssl.py when the user's OpenSSL
security level is set to a value greater than 1 and resolves issue #948

* Suppress SSL warnings in no verify tests
This commit is contained in:
matthewhughes934
2020-08-06 21:24:03 +01:00
committed by GitHub
parent a448b0d928
commit 10246366da
4 changed files with 167 additions and 159 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/test_ssl.py
+11
View File
@@ -1,6 +1,8 @@
import pytest
import pytest_httpbin.certs
import requests.exceptions
import ssl
import urllib3
from httpie.ssl import AVAILABLE_SSL_VERSION_ARG_MAPPING, DEFAULT_SSL_CIPHERS
from httpie.status import ExitStatus
@@ -46,6 +48,12 @@ def test_ssl_version(httpbin_secure, ssl_version):
if ssl_version == 'ssl3':
# pytest-httpbin doesn't support ssl3
pass
elif e.__context__ is not None: # Check if root cause was an unsupported TLS version
root = e.__context__
while root.__context__ is not None:
root = root.__context__
if isinstance(root, ssl.SSLError) and root.reason == "TLSV1_ALERT_PROTOCOL_VERSION":
pytest.skip("Unsupported TLS version: {}".format(ssl_version))
else:
raise
@@ -84,11 +92,14 @@ class TestClientCert:
class TestServerCert:
def test_verify_no_OK(self, httpbin_secure):
# Avoid warnings when explicitly testing insecure requests
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
r = http(httpbin_secure.url + '/get', '--verify=no')
assert HTTP_OK in r
@pytest.mark.parametrize('verify_value', ['false', 'fALse'])
def test_verify_false_OK(self, httpbin_secure, verify_value):
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
r = http(httpbin_secure.url + '/get', '--verify', verify_value)
assert HTTP_OK in r