mhils · March 15, 2015 17:21
diff --git a/test_ssl.py b/test_ssl.py
    def test_renegotiate(self):
        """
        If :py:obj:`Connection.recv` is called during renegotation,
        it will block until renegotation is complete and the message has been read.
        (OpenSSL's SSL_MODE_AUTO_RETRY is turned on by default)
        """

        # Do not use _server() or _client():
        # https://www.openssl.org/docs/ssl/SSL_CTX_set_session_id_context.html
        # If the session id context is not set on an SSL/TLS server and client certificates are used,
        # stored sessions will not be reused but a fatal error will be flagged and the handshake will fail.
        client_ctx = Context(TLSv1_METHOD)
        client = Connection(client_ctx, None)
        client.set_connect_state()

        server_ctx = Context(TLSv1_METHOD)
        server_ctx.use_privatekey(load_privatekey(FILETYPE_PEM, server_key_pem))
        server_ctx.use_certificate(load_certificate(FILETYPE_PEM, server_cert_pem))
        server = Connection(server_ctx, None)
        server.set_accept_state()

        # Useful to identify the message types
        client_ctx.set_cipher_list("NULL")
        server_ctx.set_cipher_list("NULL")

        client_ctx.set_mode(SSL_MODE_AUTO_RETRY)
        server_ctx.set_mode(SSL_MODE_AUTO_RETRY)

        self.assertIdentical(
            self._interactInMemory(client, server), None)

        server.write("hello world")

        self.assertEquals(
            self._interactInMemory(client, server),
            (client, "hello world"))

        self.assertEquals(server.total_renegotiations(), 0)

        print "============="

        # def pend():
        #     print "SSL_renegotiate_pending server: %s" % _lib.SSL_renegotiate_pending(server._ssl)
        #     print "SSL_renegotiate_pending client: %s" % _lib.SSL_renegotiate_pending(client._ssl)

        def write(read, write):
            d = read.bio_read(4096)
            write.bio_write(d)
            print "bio write to " + ("client" if write == client else "server")
            print d.encode("hex")

        def recv(read):
            try:
                print "RECV " + ("client" if read == client else "server")
                return read.recv(2 ** 16)
            except WantReadError:
                return "WantReadError"

        _lib.SSL_renegotiate(server._ssl)
        server.do_handshake()

        # Hello Request
        write(server, client)
        print recv(client)

        # Client Hello
        write(client, server)
        print recv(server)

        # Server Hello, Server Done
        write(server, client)
        print recv(client)

        # CHANGE_CIPHER_SPEC
        write(client, server)
        print recv(server)


        server.send("renegotiated")
        write(server, client)
        print recv(client)

        self.assertEquals(server.total_renegotiations(), 1)
	def test_renegotiate(self):
	"""
	If :py:obj:`Connection.recv` is called during renegotation,
	it will block until renegotation is complete and the message has been read.
	(OpenSSL's SSL_MODE_AUTO_RETRY is turned on by default)
	"""

	# Do not use _server() or _client():
	# https://www.openssl.org/docs/ssl/SSL_CTX_set_session_id_context.html
	# If the session id context is not set on an SSL/TLS server and client certificates are used,
	# stored sessions will not be reused but a fatal error will be flagged and the handshake will fail.
	client_ctx = Context(TLSv1_METHOD)
	client = Connection(client_ctx, None)
	client.set_connect_state()

	server_ctx = Context(TLSv1_METHOD)
	server_ctx.use_privatekey(load_privatekey(FILETYPE_PEM, server_key_pem))
	server_ctx.use_certificate(load_certificate(FILETYPE_PEM, server_cert_pem))
	server = Connection(server_ctx, None)
	server.set_accept_state()

	# Useful to identify the message types
	client_ctx.set_cipher_list("NULL")
	server_ctx.set_cipher_list("NULL")

	client_ctx.set_mode(SSL_MODE_AUTO_RETRY)
	server_ctx.set_mode(SSL_MODE_AUTO_RETRY)

	self.assertIdentical(
	self._interactInMemory(client, server), None)

	server.write("hello world")

	self.assertEquals(
	self._interactInMemory(client, server),
	(client, "hello world"))

	self.assertEquals(server.total_renegotiations(), 0)

	print "============="

	# def pend():
	# print "SSL_renegotiate_pending server: %s" % _lib.SSL_renegotiate_pending(server._ssl)
	# print "SSL_renegotiate_pending client: %s" % _lib.SSL_renegotiate_pending(client._ssl)

	def write(read, write):
	d = read.bio_read(4096)
	write.bio_write(d)
	print "bio write to " + ("client" if write == client else "server")
	print d.encode("hex")

	def recv(read):
	try:
	print "RECV " + ("client" if read == client else "server")
	return read.recv(2 ** 16)
	except WantReadError:
	return "WantReadError"

	_lib.SSL_renegotiate(server._ssl)
	server.do_handshake()

	# Hello Request
	write(server, client)
	print recv(client)

	# Client Hello
	write(client, server)
	print recv(server)

	# Server Hello, Server Done
	write(server, client)
	print recv(client)

	# CHANGE_CIPHER_SPEC
	write(client, server)
	print recv(server)


	server.send("renegotiated")
	write(server, client)
	print recv(client)

	self.assertEquals(server.total_renegotiations(), 1)
No results found