o M,hda@sddlZddlZddlZddlmZmZmZddlmZm Z m Z m Z m Z ddl mZmZddlmZddlmZmZ GdddejZed krNedSdS) N)Mockpatch MagicMock)SSLError SSLEOFErrorSSLWantReadErrorSSLWantWriteErrorHAVE_SSL) _ssl_socket_wrap_sni_socket)WebSocketException)recvsendc@seZdZddZddZddZddZd d Zd d Zd dZ ddZ ddZ ddZ ddZ ddZddZddZddZdd Zd!d"Zd#d$Zd%d&Zd'd(Zd)d*Zd+d,Zd-d.Zd/d0Zd1d2Zd3d4Zd5d6Zd7d8Zd9d:Zd;S)<SSLEdgeCasesTestcCsts |ddSdS)NzSSL not available)r skipTest)selfro/var/www/www-root/data/www/bot.pdev.uz/venv/lib/python3.10/site-packages/websocket/tests/test_ssl_edge_cases.pysetUp'szSSLEdgeCasesTest.setUpc Cst}td?}t}||_td|j_dtji}| tjt ||dWdn1s1wYWddSWddS1sIwYdS)z$Test SSL handshake failure scenariosssl.SSLContextzSSL handshake timeout cert_reqs example.comN) rr return_valuesockettimeout wrap_socket side_effectssl CERT_REQUIRED assertRaisesr r mock_sockmock_ssl_context mock_contextssloptrrrtest_ssl_handshake_failure+s   "z+SSLEdgeCasesTest.test_ssl_handshake_failurec Ct}td@}t}||_td|j_tjdd}|tjt ||dWdn1s2wYWddSWddS1sJwYdS)z;Test various SSL certificate verification failure scenariosrzCertificate verification failedTrcheck_hostnamezbadssl.exampleN rrrrSSLCertVerificationErrorrrrrr r rrr*test_ssl_certificate_verification_failures<s   "z;SSLEdgeCasesTest.test_ssl_certificate_verification_failurescCsht}td#}t}t|j_||_d|i}t||d|jWddS1s-wYdS)z6Test SSL context configuration with various edge casesrcontextrN)rrrrr assert_called_once)rr!r"existing_contextr$rrr)test_ssl_context_configuration_edge_casesMs    "z:SSLEdgeCasesTest.test_ssl_context_configuration_edge_casesc Cst}tdddi`tdddJtddd4td }t}||_t|j_i}t||d |jWd n1sAwYWd n1sPwYWd n1s_wYWd n1snwYtddd iltdddMtdd d7td#}t}||_t|j_i}t||d |jjd d d Wd n1swYWd n1swYWd n1swYWd d SWd d S1swYd S)z.Test CA bundle environment variable edge cases os.environWEBSOCKET_CLIENT_CA_BUNDLEz/nonexistent/ca-bundle.crtzos.path.isfileF)rz os.path.isdirrrNz/etc/ssl/certsT)cafilecapath) rrdictrrr load_verify_locationsassert_not_calledassert_called_withr rrr)test_ssl_ca_bundle_environment_edge_cases_sP       "z:SSLEdgeCasesTest.test_ssl_ca_bundle_environment_edge_casesc Cst}tdB}t}||_td|j_t|j_ddi}|t t ||dWdn1s4wYWddSWddS1sLwYdS)z(Test SSL cipher configuration edge casesrzNo cipher can be selectedciphersINVALID_CIPHERrN) rrrrr set_ciphersrrrr r r rrr(test_ssl_cipher_configuration_edge_casess    "z9SSLEdgeCasesTest.test_ssl_cipher_configuration_edge_casesc Ct}tdA}t}||_td|j_t|j_ddi}|tt ||dWdn1s3wYWddSWddS1sKwYdS)z(Test ECDH curve configuration edge casesrzunknown curve name ecdh_curve invalid_curverN) rrr ValueErrorset_ecdh_curverrrr r r rrrtest_ssl_ecdh_curve_edge_cases    "z/SSLEdgeCasesTest.test_ssl_ecdh_curve_edge_casesc Cr=)z0Test client certificate configuration edge casesrz No such filecertfilez/nonexistent/client.crtrN) rrrFileNotFoundErrorload_cert_chainrrrr r r rrr&test_ssl_client_certificate_edge_casesrCz7SSLEdgeCasesTest.test_ssl_client_certificate_edge_casescst}dgfdd}||j_d|j_td1}t}||_dg|j_t|d}||d|dd |j |j Wd d S1sLwYd S) z)Test SSL want read/write retry edge casesrcs8dd7<ddkrtdddkrdSdS)NrThe operation did not completedata after retriesrbufsize read_attemptsrr mock_recvs   zMSSLEdgeCasesTest.test_ssl_want_read_write_retry_edge_cases..mock_recv>@selectors.DefaultSelectorTdrKrJN) rr r gettimeoutrrselect assertEqualregister assert_calledrr!rRmock_selector_class mock_selectorresultrrPr)test_ssl_want_read_write_retry_edge_casess        "z:SSLEdgeCasesTest.test_ssl_want_read_write_retry_edge_casescst}dgfdd}||j_d|j_td'}t}||_dg|j_t|d}||d|dd Wd d S1sBwYd S) z$Test SSL want write retry edge casesrcs<dd7<ddkrtdddkrt|SdS)NrrHrIrJ)rlen)datawrite_attemptsrr mock_sends   zHSSLEdgeCasesTest.test_ssl_want_write_retry_edge_cases..mock_sendrSrTT test data rJN)rrrrVrrrWrX)rr!rdr\r]r^rrbr$test_ssl_want_write_retry_edge_casess      "z5SSLEdgeCasesTest.test_ssl_want_write_retry_edge_casescCs`t}td|j_d|j_ddlm}||t|dWddS1s)wYdS)zTest SSL EOF error edge caseszSSL connection has been closedrSr"WebSocketConnectionClosedExceptionreN) rrrrrVrwebsocket._exceptionsrirrr!rirrrtest_ssl_eof_error_edge_casess    "z.SSLEdgeCasesTest.test_ssl_eof_error_edge_casescCstddlm}ddlm}t}d|j_t|d}t|_||j_||d}||t}| ||g|j dS)zTest SSL pending data scenariosr) SSLDispatcher) WebSocketApp)specg@N) websocket._dispatcherrmwebsocket._apprnrpendingrsockrWrXr-)rrmrn mock_ssl_sockmock_app dispatcherr^rrr test_ssl_pending_data_edge_casess    z1SSLEdgeCasesTest.test_ssl_pending_data_edge_casescst}dfdd}||j_d|j_td%}t}||_dg|j_t|d}||d|d Wd d S1s?wYd S) z Test SSL renegotiation scenariosrcsd7dkr tddS)NrHzSSL renegotiation requireddata after renegotiationrMrN call_countrrrRszESSLEdgeCasesTest.test_ssl_renegotiation_edge_cases..mock_recvrSrTTrUryrJN)rr rrVrrrWrXr[rrzr!test_ssl_renegotiation_edge_casess     "z2SSLEdgeCasesTest.test_ssl_renegotiation_edge_casescCsrt}td(}t}||_t|j_ddi}t||d|jj|ddddWddS1s2wYdS)z+Test SSL server hostname override scenariosrserver_hostnamezoverride.example.comzoriginal.example.comTdo_handshake_on_connectsuppress_ragged_eofsr}Nrrrrr r7r rrr!test_ssl_server_hostname_override3s   "z2SSLEdgeCasesTest.test_ssl_server_hostname_overridecCst}td2}t}||_t|j_ttdr1dtji}t||d|tjWddSWddS1s.mock_recvrSr) frame_buffercs t|S)N)r )sizer!rrs zBSSLEdgeCasesTest.test_ssl_buffer_size_edge_cases..T)skip_utf8_validationrN) rr rrVrwebsocket._abnfr recv_strict assertGreaterr`)rrRrfbr^rrrtest_ssl_buffer_size_edge_casess  z0SSLEdgeCasesTest.test_ssl_buffer_size_edge_casesc Cst}td?}t}||_td|j_dtji}|tjt ||dWdn1s1wYWddSWddS1sIwYdS)z&Test SSL protocol downgrade protectionrSSLV3_ALERT_HANDSHAKE_FAILURErrN) rrrrrrrPROTOCOL_TLS_CLIENTrr r rrr&test_ssl_protocol_downgrade_protections   "z7SSLEdgeCasesTest.test_ssl_protocol_downgrade_protectionc Cr&)z0Test SSL certificate chain validation edge casesrz2certificate verify failed: certificate has expiredTr'zexpired.badssl.comNr)r rrr%test_ssl_certificate_chain_validations   "z6SSLEdgeCasesTest.test_ssl_certificate_chain_validationc Cst}td>}t}||_td|j_ddi}|tjt||dWdn1s0wYWddSWddS1sHwYdS)z(Test SSL weak cipher rejection scenariosrzno shared cipherr9zRC4-MD5rN) rrrrrrrrr r rrrtest_ssl_weak_cipher_rejection+s "z/SSLEdgeCasesTest.test_ssl_weak_cipher_rejectionc Cs t}gd}|D]\}}|j||dqtd]}t}||_||krYd|vrYtd|d|d|j_tjdd }| tjt |||Wd n1sSwYnt|j_tjdd }t |||}| |Wd n1sywYWd n1swYq d S) z)Test SSL hostname verification edge cases)) *.example.comzsubdomain.example.com)rzsub.subdomain.example.com)rzwww.example.com)certhostnamerz sub.subdomainz hostname 'z' doesn't match ''Tr'N) rrrrrr*rrrrr r) rr!r cert_hostnameconnect_hostnamer"r#r$r^rrr)test_ssl_hostname_verification_edge_cases:s>     z:SSLEdgeCasesTest.test_ssl_hostname_verification_edge_casesc Cst}z;ddl}t|drs" \