forked from pool/python-truststore
Matej Cepl
c46f8273c8
- update to 0.8.0 - refresh no-network-testing.patch * Added documentation for how to use truststore with urllib3, Requests, aiohttp, and pip. * Added pass-through implementations for many ssl.SSLContext methods like load_cert_chain(), set_alpn_protocols(), etc. * Added inject_into_ssl() and extract_from_ssl() to enable Truststore for all packages using ssl.SSLContext automatically * Added support for setting check_hostname, verify_mode, and verify_flags. * Fixed issue where a RecursionError that would be raised when setting SSLContext.minimum_version or .maximum_version OBS-URL: https://build.opensuse.org/request/show/1114433 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-truststore?expand=0&rev=3
114 lines
3.5 KiB
Diff
114 lines
3.5 KiB
Diff
---
|
|
pyproject.toml | 3 +++
|
|
test_truststore.py | 7 +++----
|
|
2 files changed, 6 insertions(+), 4 deletions(-)
|
|
|
|
Index: truststore-0.8.0/pyproject.toml
|
|
===================================================================
|
|
--- truststore-0.8.0.orig/pyproject.toml
|
|
+++ truststore-0.8.0/pyproject.toml
|
|
@@ -26,6 +26,9 @@ classifiers = [
|
|
]
|
|
dynamic = ["version", "description"]
|
|
requires-python = ">= 3.10"
|
|
+markers = [
|
|
+ "network: test case requires network connection",
|
|
+]
|
|
|
|
[project.urls]
|
|
Source = "https://github.com/sethmlarson/truststore"
|
|
@@ -38,3 +41,6 @@ filterwarnings = [
|
|
# See: aio-libs/aiohttp#7545
|
|
"ignore:.*datetime.utcfromtimestamp().*:DeprecationWarning",
|
|
]
|
|
+markers = [
|
|
+ "network: test case requires network connection",
|
|
+]
|
|
Index: truststore-0.8.0/tests/conftest.py
|
|
===================================================================
|
|
--- truststore-0.8.0.orig/tests/conftest.py
|
|
+++ truststore-0.8.0/tests/conftest.py
|
|
@@ -18,7 +18,7 @@ SUBPROCESS_TIMEOUT = 5
|
|
original_SSLContext = ssl.SSLContext
|
|
|
|
|
|
-successful_hosts = pytest.mark.parametrize("host", ["example.com", "1.1.1.1"])
|
|
+successful_hosts = pytest.mark.network
|
|
|
|
logger = logging.getLogger("aiohttp.web")
|
|
|
|
Index: truststore-0.8.0/tests/test_api.py
|
|
===================================================================
|
|
--- truststore-0.8.0.orig/tests/test_api.py
|
|
+++ truststore-0.8.0/tests/test_api.py
|
|
@@ -27,8 +27,8 @@ pytestmark = pytest.mark.flaky
|
|
# if the client drops the connection due to a cert verification error
|
|
socket.setdefaulttimeout(10)
|
|
|
|
-successful_hosts = pytest.mark.parametrize("host", ["example.com", "1.1.1.1"])
|
|
|
|
+successful_hosts = pytest.mark.network
|
|
|
|
@dataclass
|
|
class FailureHost:
|
|
@@ -118,9 +118,7 @@ failure_hosts_list = [
|
|
),
|
|
]
|
|
|
|
-failure_hosts_no_revocation = pytest.mark.parametrize(
|
|
- "failure", failure_hosts_list.copy(), ids=attrgetter("host")
|
|
-)
|
|
+failure_hosts_no_revocation = pytest.mark.network
|
|
|
|
if platform.system() != "Linux":
|
|
failure_hosts_list.append(
|
|
@@ -139,9 +137,7 @@ if platform.system() != "Linux":
|
|
)
|
|
)
|
|
|
|
-failure_hosts = pytest.mark.parametrize(
|
|
- "failure", failure_hosts_list, ids=attrgetter("host")
|
|
-)
|
|
+failure_hosts = pytest.mark.network
|
|
|
|
|
|
@pytest.fixture(scope="session")
|
|
@@ -317,7 +313,7 @@ def test_trustme_cert_loaded_via_capath(
|
|
assert resp.status == 200
|
|
assert len(resp.data) > 0
|
|
|
|
-
|
|
+@pytest.mark.network
|
|
def test_trustme_cert_still_uses_system_certs(trustme_ca):
|
|
ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
|
|
trustme_ca.configure_trust(ctx)
|
|
Index: truststore-0.8.0/tests/test_sslcontext.py
|
|
===================================================================
|
|
--- truststore-0.8.0.orig/tests/test_sslcontext.py
|
|
+++ truststore-0.8.0/tests/test_sslcontext.py
|
|
@@ -7,7 +7,7 @@ from urllib3.exceptions import InsecureR
|
|
|
|
import truststore
|
|
|
|
-
|
|
+@pytest.mark.network
|
|
def test_minimum_maximum_version():
|
|
ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
|
|
ctx.maximum_version = ssl.TLSVersion.TLSv1_2
|
|
@@ -24,6 +24,7 @@ def test_minimum_maximum_version():
|
|
assert ctx.maximum_version == ssl.TLSVersion.TLSv1_2
|
|
|
|
|
|
+@pytest.mark.network
|
|
def test_check_hostname_false():
|
|
ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
|
|
assert ctx.check_hostname is True
|
|
@@ -35,6 +36,7 @@ def test_check_hostname_false():
|
|
assert "match" in str(e.value)
|
|
|
|
|
|
+@pytest.mark.network
|
|
def test_verify_mode_cert_none():
|
|
ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
|
|
assert ctx.check_hostname is True
|