Skip to content

[1.26] Revise CI config and fix tests for CPython 3.12 & 3.13 #3436

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 9 commits into from
Aug 2, 2024
Merged

[1.26] Revise CI config and fix tests for CPython 3.12 & 3.13 #3436

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
8e05819
Backport fixes from 94ccda029d556c2b17184d5874bfe598c7012589
illia-v Aug 2, 2024
e99f4a2
Upgrade dev requirements to get more efficient runs on newer Python
illia-v Aug 2, 2024
32d6f66
Enable testing with CPython 3.12 and 3.13
illia-v Aug 2, 2024
1786562
Try using same PyPy 3.9 version as in main to fix timeouts
illia-v Aug 2, 2024
d117a6e
Test `test_requesting_large_resources_via_ssl` separately
illia-v Aug 2, 2024
091724c
Move verbosity flag to noxfile
illia-v Aug 2, 2024
d91508b
Backport `test_eintr_zero_timeout` fix
illia-v Aug 2, 2024
c13a2f3
Backport a part of 5d93c9c6c01efc469200044027c21c6e661f2a99
illia-v Aug 2, 2024
038a655
Do not limit runs with 3.13 to Ubuntu
illia-v Aug 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
Backport fixes from 94ccda0 
Co-authored-by: Thomas Grainger <tagrain@gmail.com>
  • Loading branch information
@illia-v @graingert
illia-v and graingert committed Aug 2, 2024
commit 8e0581920d3bf6e5bb022523d5a3fc026f96fde8
7 changes: 7 additions & 0 deletions test/test_no_ssl.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
* HTTPS requests must fail with an error that points at the ssl module
"""

import importlib
import sys

import pytest
Expand All @@ -29,6 +30,12 @@ def find_module(self, fullname, path=None):
def load_module(self, fullname):
raise ImportError("import of {0} is blocked".format(fullname))

def find_spec(self, fullname, path, target):
loader = self.find_module(fullname, path)
if loader is None:
return None
return importlib.util.spec_from_loader(fullname, loader)


class ModuleStash(object):
"""
Expand Down
56 changes: 44 additions & 12 deletions test/with_dummyserver/test_socketlevel.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -142,6 +142,38 @@ def socket_handler(listener):
), "missing ALPN protocol in SSL handshake"


def original_ssl_wrap_socket(
sock,
keyfile=None,
certfile=None,
server_side=False,
cert_reqs=ssl.CERT_NONE,
ssl_version=ssl.PROTOCOL_TLS,
ca_certs=None,
do_handshake_on_connect=True,
suppress_ragged_eofs=True,
ciphers=None,
):
if server_side and not certfile:
raise ValueError("certfile must be specified for server-side operations")
if keyfile and not certfile:
raise ValueError("certfile must be specified")
context = ssl.SSLContext(ssl_version)
context.verify_mode = cert_reqs
if ca_certs:
context.load_verify_locations(ca_certs)
if certfile:
context.load_cert_chain(certfile, keyfile)
if ciphers:
context.set_ciphers(ciphers)
return context.wrap_socket(
sock=sock,
server_side=server_side,
do_handshake_on_connect=do_handshake_on_connect,
suppress_ragged_eofs=suppress_ragged_eofs,
)


class TestClientCerts(SocketDummyServerTestCase):
"""
Tests for client certificate support.
Expand Down Expand Up @@ -173,7 +205,7 @@ def _wrap_in_ssl(self, sock):
"""
Given a single socket, wraps it in TLS.
"""
return ssl.wrap_socket(
return original_ssl_wrap_socket(
sock,
ssl_version=ssl.PROTOCOL_SSLv23,
cert_reqs=ssl.CERT_REQUIRED,
Expand Down Expand Up @@ -1076,7 +1108,7 @@ def proxy_ssl_one(listener):
return

sock.send(("HTTP/1.1 200 Connection Established\r\n\r\n").encode("utf-8"))
ssl_sock = ssl.wrap_socket(
ssl_sock = original_ssl_wrap_socket(
sock,
server_side=True,
keyfile=DEFAULT_CERTS["keyfile"],
Expand Down Expand Up @@ -1128,7 +1160,7 @@ def echo_socket_handler(listener):

if s.startswith("CONNECT [%s]:443" % (ipv6_addr,)):
sock.send(b"HTTP/1.1 200 Connection Established\r\n\r\n")
ssl_sock = ssl.wrap_socket(
ssl_sock = original_ssl_wrap_socket(
sock,
server_side=True,
keyfile=DEFAULT_CERTS["keyfile"],
Expand Down Expand Up @@ -1195,7 +1227,7 @@ def test_ssl_failure_midway_through_conn(self):
def socket_handler(listener):
sock = listener.accept()[0]
sock2 = sock.dup()
ssl_sock = ssl.wrap_socket(
ssl_sock = original_ssl_wrap_socket(
sock,
server_side=True,
keyfile=DEFAULT_CERTS["keyfile"],
Expand Down Expand Up @@ -1234,7 +1266,7 @@ def test_ssl_read_timeout(self):

def socket_handler(listener):
sock = listener.accept()[0]
ssl_sock = ssl.wrap_socket(
ssl_sock = original_ssl_wrap_socket(
sock,
server_side=True,
keyfile=DEFAULT_CERTS["keyfile"],
Expand Down Expand Up @@ -1275,7 +1307,7 @@ def test_ssl_failed_fingerprint_verification(self):
def socket_handler(listener):
for i in range(2):
sock = listener.accept()[0]
ssl_sock = ssl.wrap_socket(
ssl_sock = original_ssl_wrap_socket(
sock,
server_side=True,
keyfile=DEFAULT_CERTS["keyfile"],
Expand Down Expand Up @@ -1322,7 +1354,7 @@ def socket_handler(listener):
# first request, trigger an SSLError
sock = listener.accept()[0]
sock2 = sock.dup()
ssl_sock = ssl.wrap_socket(
ssl_sock = original_ssl_wrap_socket(
sock,
server_side=True,
keyfile=DEFAULT_CERTS["keyfile"],
Expand All @@ -1347,7 +1379,7 @@ def socket_handler(listener):

# retried request
sock = listener.accept()[0]
ssl_sock = ssl.wrap_socket(
ssl_sock = original_ssl_wrap_socket(
sock,
server_side=True,
keyfile=DEFAULT_CERTS["keyfile"],
Expand All @@ -1373,7 +1405,7 @@ def socket_handler(listener):
def test_ssl_load_default_certs_when_empty(self):
def socket_handler(listener):
sock = listener.accept()[0]
ssl_sock = ssl.wrap_socket(
ssl_sock = original_ssl_wrap_socket(
sock,
server_side=True,
keyfile=DEFAULT_CERTS["keyfile"],
Expand Down Expand Up @@ -1410,7 +1442,7 @@ def socket_handler(listener):
def test_ssl_dont_load_default_certs_when_given(self):
def socket_handler(listener):
sock = listener.accept()[0]
ssl_sock = ssl.wrap_socket(
ssl_sock = original_ssl_wrap_socket(
sock,
server_side=True,
keyfile=DEFAULT_CERTS["keyfile"],
Expand Down Expand Up @@ -1475,7 +1507,7 @@ def is_closed_socket(sock):
def socket_handler(listener):
sock = listener.accept()[0]
try:
_ = ssl.wrap_socket(
_ = original_ssl_wrap_socket(
sock,
server_side=True,
keyfile=DEFAULT_CERTS["keyfile"],
Expand Down Expand Up @@ -1522,7 +1554,7 @@ def test_requesting_large_resources_via_ssl(self, preload_content, read_amt):

def socket_handler(listener):
sock = listener.accept()[0]
ssl_sock = ssl.wrap_socket(
ssl_sock = original_ssl_wrap_socket(
sock,
server_side=True,
keyfile=DEFAULT_CERTS["keyfile"],
Expand Down
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy