~bzr-pqm/bzr/bzr.dev

# Copyright (C) 2007-2011 Canonical Ltd

#

# This program is free software; you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation; either version 2 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program; if not, write to the Free Software

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

"""HTTPS test server, available when ssl python module is available"""

import ssl

import sys

from bzrlib.tests import (

    http_server,

    ssl_certs,

    test_server,

    )

class TestingHTTPSServerMixin:

    def __init__(self, key_file, cert_file):

        self.key_file = key_file

        self.cert_file = cert_file

    def _get_ssl_request (self, sock, addr):

        """Wrap the socket with SSL"""

        ssl_sock = ssl.wrap_socket(sock, server_side=True,

                                   keyfile=self.key_file,

                                   certfile=self.cert_file,

                                   do_handshake_on_connect=False)

        return ssl_sock, addr

    def verify_request(self, request, client_address):

        """Verify the request.

        Return True if we should proceed with this request, False if we should

        not even touch a single byte in the socket !

        """

        serving = test_server.TestingTCPServerMixin.verify_request(

            self, request, client_address)

        if serving:

            try:

                request.do_handshake()

            except ssl.SSLError, e:

                # FIXME: We proabaly want more tests to capture which ssl

                # errors are worth reporting but mostly our tests want an https

                # server that works -- vila 2012-01-19

                return False

        return serving

    def ignored_exceptions_during_shutdown(self, e):

        if (sys.version < (2, 7) and isinstance(e, TypeError)

            and e.args[0] == "'member_descriptor' object is not callable"):

            # Fixed in python-2.7 (and some Ubuntu 2.6) there is a bug where

            # the ssl socket fail to raise a socket.error when trying to read

            # from a closed socket. This is rarely observed in practice but

            # still make valid selftest runs fail if not caught.

            return True

        base = test_server.TestingTCPServerMixin

        return base.ignored_exceptions_during_shutdown(self, e)

class TestingHTTPSServer(TestingHTTPSServerMixin,

                         http_server.TestingHTTPServer):

    def __init__(self, server_address, request_handler_class,

                 test_case_server, key_file, cert_file):

        TestingHTTPSServerMixin.__init__(self, key_file, cert_file)

        http_server.TestingHTTPServer.__init__(

            self, server_address, request_handler_class, test_case_server)

    def get_request(self):

        sock, addr = http_server.TestingHTTPServer.get_request(self)

        return self._get_ssl_request(sock, addr)

class TestingThreadingHTTPSServer(TestingHTTPSServerMixin,

                                  http_server.TestingThreadingHTTPServer):

    def __init__(self, server_address, request_handler_class,

                 test_case_server, key_file, cert_file):

        TestingHTTPSServerMixin.__init__(self, key_file, cert_file)

        http_server.TestingThreadingHTTPServer.__init__(

            self, server_address, request_handler_class, test_case_server)

    def get_request(self):

        sock, addr = http_server.TestingThreadingHTTPServer.get_request(self)

        return self._get_ssl_request(sock, addr)

class HTTPSServer(http_server.HttpServer):

    _url_protocol = 'https'

    # The real servers depending on the protocol

    http_server_class = {'HTTP/1.0': TestingHTTPSServer,

                         'HTTP/1.1': TestingThreadingHTTPSServer,

                         }

    # Provides usable defaults since an https server requires both a

    # private key and a certificate to work.

    def __init__(self, request_handler=http_server.TestingHTTPRequestHandler,

                 protocol_version=None,

                 key_file=ssl_certs.build_path('server_without_pass.key'),

                 cert_file=ssl_certs.build_path('server.crt')):

        http_server.HttpServer.__init__(self, request_handler=request_handler,

                                        protocol_version=protocol_version)

        self.key_file = key_file

        self.cert_file = cert_file

        self.temp_files = []

    def create_server(self):

        return self.server_class(

            (self.host, self.port), self.request_handler_class, self,

            self.key_file, self.cert_file)

class HTTPSServer_urllib(HTTPSServer):

    """Subclass of HTTPSServer that gives https+urllib urls.

    This is for use in testing: connections to this server will always go

    through urllib where possible.

    """

    # urls returned by this server should require the urllib client impl

    _url_protocol = 'https+urllib'

class HTTPSServer_PyCurl(HTTPSServer):

    """Subclass of HTTPSServer that gives http+pycurl urls.

    This is for use in testing: connections to this server will always go

    through pycurl where possible.

    """

    # We don't care about checking the pycurl availability as

    # this server will be required only when pycurl is present

    # urls returned by this server should require the pycurl client impl

    _url_protocol = 'https+pycurl'