github
/
mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
develop
master
fixes
release/2.0
release/1.6
dynamic-bridge
release/1.5
debian
debian-mosquitto
v2.0.15
v2.0.14
v2.0.13
v2.0.12
v2.0.11
v1.6.15
v2.0.10
v2.0.9
v1.6.14
v1.5.11
v2.0.8
v2.0.7
v1.6.13
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.5.10
v1.6.12
v1.6.11
v1.6.10
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.5.9
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.1
v1.6
v1.5.8
v1.5.7
v1.5.6
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5
v1.4.15
v1.4.14
v1.4.13
v1.4.12
v1.4.11
v1.4.10
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.3.2-not-blessed
v1.3.3-not-blessed
v1.3.4-not-blessed
v1.3.5-not-blessed
v1.4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ef078b31b5'
${ noResults }
mosquitto/test/broker/08-ssl-connect-cert-auth-re...

62 lines
2.0 KiB
Python
Raw Blame History

#!/usr/bin/env python3
from mosq_test_helper import *
if sys.version < '2.7':
print("WARNING: SSL not supported on Python 2.6")
exit(0)
def write_config(filename, port1, port2):
with open(filename, 'w') as f:
f.write("listener %d\n" % (port2))
f.write("allow_anonymous true\n")
f.write("listener %d\n" % (port1))
f.write("allow_anonymous true\n")
f.write(f"cafile {ssl_dir}/all-ca.crt\n")
f.write(f"certfile {ssl_dir}/server.crt\n")
f.write(f"keyfile {ssl_dir}/server.key\n")
f.write("require_certificate true\n")
f.write(f"crlfile {ssl_dir}/crl.pem\n")
(port1, port2) = mosq_test.get_port(2)
conf_file = os.path.basename(__file__).replace('.py', '.conf')
write_config(conf_file, port1, port2)
rc = 1
connect_packet = mosq_test.gen_connect("connect-revoked-test")
broker = mosq_test.start_broker(filename=os.path.basename(__file__), port=port2, use_conf=True)
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=f"{ssl_dir}/test-root-ca.crt")
context.load_cert_chain(certfile=f"{ssl_dir}/client-revoked.crt", keyfile=f"{ssl_dir}/client-revoked.key")
ssock = context.wrap_socket(sock, server_hostname="localhost")
ssock.settimeout(20)
try:
ssock.connect(("localhost", port1))
mosq_test.do_send_receive(ssock, connect_packet, "", "connack")
except ssl.SSLError as err:
if err.errno == 1 and "certificate revoked" in err.strerror:
rc = 0
else:
broker.terminate()
print(err.strerror)
raise ValueError(err.errno)
except mosq_test.TestError:
pass
finally:
os.remove(conf_file)
time.sleep(0.5)
broker.terminate()
if mosq_test.wait_for_subprocess(broker):
print("broker not terminated")
if rc == 0: rc=1
(stdo, stde) = broker.communicate()
if rc:
print(stde.decode('utf-8'))
exit(rc)
Reference in New Issue View Git Blame Copy Permalink