[Python-Dev] tests expanded for SSL module -- other suggestions?

Bill Janssen janssen at parc.com
Mon Sep 10 03:41:32 CEST 2007 

I'm looking for suggestions for other SSL module tests.  

Here's the result of running my (not yet checked-in) test_ssl.py
module in verbose mode.  I'm pretty happy with the codebase right now,
and barring other tests, I'm ready to check it in and start on the 3.x
patch (or perhaps the 2.3 package).

In the client/server tests, a new server thread is created for
each test.

In the STARTTLS test, several messages are exchanged in the clear,
then the client sends a STARTTLS message and after the server replies
"OK", initiates the TLS handshake.

It would be nice to have an external HTTPS server on python.org
that could be used for an HTTPS connection test.  Is there one?

Bill

% ./python.exe ./Lib/test/regrtest.py -u all -v test_ssl
test_ssl
testCrucialConstants (test.test_ssl.BasicTests) ... ok
testParseCert (test.test_ssl.BasicTests) ... 
{'notAfter': 'Feb 16 16:54:50 2013 GMT',
 'subject': ((('countryName', u'US'),),
             (('stateOrProvinceName', u'Delaware'),),
             (('localityName', u'Wilmington'),),
             (('organizationName', u'Python Software Foundation'),),
             (('organizationalUnitName', u'SSL'),),
             (('commonName', u'somemachine.python.org'),))}
ok
testRAND (test.test_ssl.BasicTests) ... 
 RAND_status is 1 (sufficient randomness)
ok
testSSLconnect (test.test_ssl.BasicTests) ... ok
testEcho (test.test_ssl.ConnectedTests) ... 
 server:  new connection from ('127.0.0.1', 51840)
 server: connection cipher is now ('AES256-SHA', 'TLSv1/SSLv3', 256)
 client:  sending 'FOO\n'...
 server: read 'FOO\n', sending back 'foo\n'...
 client:  read 'foo\n'
 client:  closing connection.
 server: client closed connection
ok
testMalformedCert (test.test_ssl.ConnectedTests) ... ok
testMalformedKey (test.test_ssl.ConnectedTests) ... ok
testNULLcert (test.test_ssl.ConnectedTests) ... ok
testReadCert (test.test_ssl.ConnectedTests) ... 
{'notAfter': 'Feb 16 16:54:50 2013 GMT',
 'subject': ((('countryName', u'US'),),
             (('stateOrProvinceName', u'Delaware'),),
             (('localityName', u'Wilmington'),),
             (('organizationName', u'Python Software Foundation'),),
             (('organizationalUnitName', u'SSL'),),
             (('commonName', u'somemachine.python.org'),))}
Connection cipher is ('AES256-SHA', 'TLSv1/SSLv3', 256).
ok
testRudeShutdown (test.test_ssl.ConnectedTests) ... ok
testSSL2 (test.test_ssl.ConnectedTests) ... 
 SSLv2->SSLv2 CERT_NONE
 SSLv2->SSLv2 CERT_OPTIONAL
 SSLv2->SSLv2 CERT_REQUIRED
 SSLv23->SSLv2 CERT_NONE
 {SSLv3->SSLv2} CERT_NONE
 {TLSv1->SSLv2} CERT_NONE
ok
testSSL23 (test.test_ssl.ConnectedTests) ... 
 {SSLv2->SSLv23} CERT_NONE
 SSLv3->SSLv23 CERT_NONE
 SSLv23->SSLv23 CERT_NONE
 TLSv1->SSLv23 CERT_NONE
 {SSLv2->SSLv23} CERT_OPTIONAL
 SSLv3->SSLv23 CERT_OPTIONAL
 SSLv23->SSLv23 CERT_OPTIONAL
 TLSv1->SSLv23 CERT_OPTIONAL
 {SSLv2->SSLv23} CERT_REQUIRED
 SSLv3->SSLv23 CERT_REQUIRED
 SSLv23->SSLv23 CERT_REQUIRED
 TLSv1->SSLv23 CERT_REQUIRED
ok
testSSL3 (test.test_ssl.ConnectedTests) ... 
 SSLv3->SSLv3 CERT_NONE
 SSLv3->SSLv3 CERT_OPTIONAL
 SSLv3->SSLv3 CERT_REQUIRED
 {SSLv2->SSLv3} CERT_NONE
 {SSLv23->SSLv3} CERT_NONE
 {TLSv1->SSLv3} CERT_NONE
ok
testSTARTTLS (test.test_ssl.ConnectedTests) ... 
 client:  sending 'msg 1'...
 server:  new connection from ('127.0.0.1', 51870)
 server: read 'msg 1', sending back 'msg 1'...
 client:  read 'msg 1' from server
 client:  sending 'MSG 2'...
 server: read 'MSG 2', sending back 'msg 2'...
 client:  read 'msg 2' from server
 client:  sending 'STARTTLS'...
 server: read STARTTLS from client, sending OK...
 client:  read 'OK\n' from server, starting TLS...
 server: connection cipher is now ('AES256-SHA', 'TLSv1/SSLv3', 256)
 client:  sending 'MSG 3'...
 server: read 'MSG 3', sending back 'msg 3'...
 client:  read 'msg 3' from server
 client:  sending 'msg 4'...
 server: read 'msg 4', sending back 'msg 4'...
 client:  read 'msg 4' from server
 client:  closing connection.
 server: client closed connection
ok
testTLS1 (test.test_ssl.ConnectedTests) ... 
 TLSv1->TLSv1 CERT_NONE
 TLSv1->TLSv1 CERT_OPTIONAL
 TLSv1->TLSv1 CERT_REQUIRED
 {SSLv2->TLSv1} CERT_NONE
 {SSLv3->TLSv1} CERT_NONE
 {SSLv23->TLSv1} CERT_NONE
ok

----------------------------------------------------------------------
Ran 15 tests in 6.866s

OK
1 test OK.
CAUTION:  stdout isn't compared in verbose mode:
a test that passes in verbose mode may fail without it.
[23679 refs]

More information about the Python-Dev mailing list