d0kuhn/mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
mosquitto/test/broker/08-ssl-hup-disconnect.py

77 lines
2.5 KiB
Python
Raw Permalink Normal View History

Fix clients using `use_identity_as_*` being disconnected on SIGHUP. Closes #1402. Thanks to twegener-embertec.
2019-09-05 10:37:43 +00:00
#!/usr/bin/env python3
# Test whether a client connected with a client certificate when
# use_identity_as_username is true is then disconnected when a SIGHUP is
# received.
# https://github.com/eclipse/mosquitto/issues/1402
from mosq_test_helper import *
import signal
if sys.version < '2.7':
print("WARNING: SSL not supported on Python 2.6")
exit(0)
def write_config(filename, pw_file, port, option):
with open(filename, 'w') as f:
f.write("listener %d\n" % (port))
f.write("cafile ../ssl/all-ca.crt\n")
f.write("certfile ../ssl/server.crt\n")
f.write("keyfile ../ssl/server.key\n")
f.write("require_certificate true\n")
f.write("%s true\n" % (option))
f.write("password_file %s\n" % (pw_file))
def write_pwfile(filename):
with open(filename, 'w') as f:
# Username "test client", password test
f.write('test client:$6$njERlZMi/7DzNB9E$iiavfuXvUm8iyDZArTy7smTxh07GXXOrOsqxfW6gkOYVXHGk+W+i/8d3xDxrMwEPygEBhoA8A/gjQC0N2M4Lkw==\n')
def do_test(option):
port = mosq_test.get_port()
conf_file = os.path.basename(__file__).replace('.py', '.conf')
pw_file = os.path.basename(__file__).replace('.py', '.pwfile')
write_config(conf_file, pw_file, port, option)
write_pwfile(pw_file)
rc = 1
keepalive = 10
connect_packet = mosq_test.gen_connect("connect-success-test", keepalive=keepalive)
connack_packet = mosq_test.gen_connack(rc=0)
broker = mosq_test.start_broker(filename=os.path.basename(__file__), port=port, use_conf=True)
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
tests: replace use of ssl.wrap_socket that throws warnings in Python 3.10 The function ssl.wrap_socket() is deprecated starting Python 3.7 because it does not support hostname matching (which is considered insecure). In Python 3.10, the function now throws warnings at runtime, which makes Ubuntu / Debian autopkgtest fail. The function ssl.SSLContext.wrap_socket comes in as the replacement and has support for SNI and hostname matching. Replaced all uses of ssl.wrap_socket() by equivalent using ssl.SSLContext.wrap_socket(). Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
2022-02-07 09:29:02 +00:00
context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile="../ssl/test-root-ca.crt")
context.load_cert_chain(certfile="../ssl/client.crt", keyfile="../ssl/client.key")
ssock = context.wrap_socket(sock, server_hostname="localhost")
Fix clients using `use_identity_as_*` being disconnected on SIGHUP. Closes #1402. Thanks to twegener-embertec.
2019-09-05 10:37:43 +00:00
ssock.settimeout(20)
ssock.connect(("localhost", port))
mosq_test.do_send_receive(ssock, connect_packet, connack_packet, "connack")
broker.send_signal(signal.SIGHUP)
time.sleep(1)
# This will fail if we've been disconnected
mosq_test.do_ping(ssock)
rc = 0
ssock.close()
Simplify "expect_packet" tests.
2020-08-12 10:06:09 +00:00
except mosq_test.TestError:
pass
Fix clients using `use_identity_as_*` being disconnected on SIGHUP. Closes #1402. Thanks to twegener-embertec.
2019-09-05 10:37:43 +00:00
finally:
os.remove(conf_file)
os.remove(pw_file)
broker.terminate()
broker.wait()
(stdo, stde) = broker.communicate()
if rc:
print(stde.decode('utf-8'))
exit(rc)
do_test("use_identity_as_username")
do_test("use_subject_as_username")
exit(0)
Reference in New Issue Copy Permalink