Re: [Python-Dev] Other SSL issues in the tracker have been marked
Thanks. I applied it. -- n
On 8/26/07, Bill Janssen
Well, as long as you have your ears on, here's another patch to test_ssl.
1) Fixes the bug that two class names are initial-lower-case.
2) Replaces the poll waiting for the server to become ready with a threading.Event signal.
Bill
Index: Lib/test/test_ssl.py =================================================================== --- Lib/test/test_ssl.py (revision 57521) +++ Lib/test/test_ssl.py (working copy) @@ -153,9 +153,9 @@ c2.close()
-class threadedEchoServer(threading.Thread): +class ThreadedEchoServer(threading.Thread):
- class connectionHandler(threading.Thread): + class ConnectionHandler(threading.Thread):
def __init__(self, server, connsock): self.server = server @@ -219,6 +219,7 @@ self.certreqs = certreqs self.cacerts = cacerts self.sock = socket.socket() + self.flag = None if hasattr(socket, 'SO_REUSEADDR'): self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) if hasattr(socket, 'SO_REUSEPORT'): @@ -228,15 +229,22 @@ threading.Thread.__init__(self) self.setDaemon(False)
+ def start (self, flag=None): + self.flag = flag + threading.Thread.start(self) + def run (self): self.sock.settimeout(0.5) self.sock.listen(5) self.active = True + if self.flag: + # signal an event + self.flag.set() while self.active: try: newconn, connaddr = self.sock.accept() #sys.stdout.write('\nserver: new connection from ' + str(connaddr) + '\n') - handler = self.connectionHandler(self, newconn) + handler = self.ConnectionHandler(self, newconn) handler.start() except socket.timeout: pass @@ -337,9 +345,11 @@
server = None if test_support.is_resource_enabled('network'): - server = threadedEchoServer(10024, CERTFILE) - server.start() - time.sleep(1) + server = ThreadedEchoServer(10024, CERTFILE) + flag = threading.Event() + server.start(flag) + # wait for it to start + flag.wait() tests.append(ConnectedTests)
thread_info = test_support.threading_setup() _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/nnorwitz%40gmail.com
Now it looks as if both the Debian and Ubuntu failures are failing because they can't create a certificate, just like the Windows test. I'll go out on a limb here and guess that it's because "openssl" isn't on the path of the user running the tests. That would also account for the other stack traces, if the keyfile or certfile didn't actually contain a key or a cert. Bill
Here's a patch that will turn the buildbots green, by not trying the connected tests if the certificate can't be created. It also shows the created cert if run in verbose mode. We still need a working os.system command for Windows. Bill Index: Lib/test/test_ssl.py =================================================================== --- Lib/test/test_ssl.py (revision 57534) +++ Lib/test/test_ssl.py (working copy) @@ -194,7 +194,8 @@ self.server.stop() self.running = False else: - #sys.stdout.write("\nserver: %s\n" % msg.strip().lower()) + if test_support.verbose: + sys.stdout.write("\nserver: %s\n" % msg.strip().lower()) sslconn.write(msg.lower()) except ssl.sslerror: sys.stdout.write("Test server failure:\n" + string.join( @@ -243,7 +244,8 @@ while self.active: try: newconn, connaddr = self.sock.accept() - #sys.stdout.write('\nserver: new connection from ' + str(connaddr) + '\n') + if test_support.verbose: + sys.stdout.write('\nserver: new connection from ' + str(connaddr) + '\n') handler = self.ConnectionHandler(self, newconn) handler.start() except socket.timeout: @@ -322,19 +324,21 @@ (conffile, crtfile, crtfile)) # now we have a self-signed server cert in crtfile os.unlink(conffile) - if error or not os.path.exists(crtfile) or os.path.getsize(crtfile) == 0: - raise test_support.TestFailed( - "Unable to create certificate for test %d." % error) - return d, crtfile + if (error or + (not os.path.exists(crtfile)) or + (os.path.getsize(crtfile) == 0)): + if test_support.verbose: + sys.stdout.write("\nUnable to create certificate for test. " + "Error status %d.\n" % (error >> 8)) + shutil.rmtree(d) + return None, None + else: + if test_support.verbose: + sys.stdout.write(open(crtfile, 'r').read() + '\n') + return d, crtfile - # XXX(nnorwitz): should this code be removed now? - #sf_certfile = os.path.join(d, "sourceforge-imap.pem") - #sf_cert = ssl.fetch_server_certificate('pop.gmail.com', 995) - #open(sf_certfile, 'w').write(sf_cert) - #return d, crtfile, sf_certfile - # sys.stderr.write(open(crtfile, 'r').read() + '\n') -def test_main(): +def test_main(verbose=False): if skip_expected: raise test_support.TestSkipped("socket module has no ssl support") @@ -344,13 +348,16 @@ tests = [BasicTests] server = None - if test_support.is_resource_enabled('network'): + if CERTFILE and test_support.is_resource_enabled('network'): server = ThreadedEchoServer(10024, CERTFILE) flag = threading.Event() server.start(flag) # wait for it to start flag.wait() tests.append(ConnectedTests) + else: + if test_support.verbose: + sys.stdout.write("\nSkipping test_ssl ConnectedTests; couldn't create a certificate.\n") thread_info = test_support.threading_setup() @@ -362,7 +369,8 @@ # wait for it to stop server.join() - shutil.rmtree(tdir) + if tdir and os.path.isdir(tdir): + shutil.rmtree(tdir) test_support.threading_cleanup(*thread_info) if __name__ == "__main__":
participants (2)
-
Bill Janssen
-
Neal Norwitz