From bfc817294297dddf93fd943264cc01aa6fd03c82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Beraud?= Date: Tue, 26 May 2020 18:39:29 +0200 Subject: [PATCH] Fix some SSL tests for wsgi module under python 3 Previously some tests were ignored under python 3 environment, this was due to some design changes introduced by python 3.7 [1] in the SSL module of the stdlib. These changes reactivate some of them (some other are still skipped and needs further works). Indeed, when we try to use requests with SSL in a monkey patched environment we faced the following issue: ``` TypeError: wrap_socket() got an unexpected keyword argument '_context' ``` This is due to the fact that we are in a monkey patched environment where `requests` is monkey patched too. We don't need `request` for our needs. Indeed we can easily send http requests through low level socket. Our main goal is to test our wsgi server and not to test the `requests` library, and `requests` was just used to make the code more simpler. In our case we can implement a code dedicated to send request to our green server, unlock our tests and move away from this bug/side effect. These changes move away from `requests` which is badly monkey patched by eventlet [1]. Now we use monkey patched socket and ssl to request the green server which is executed in background. Low level (monkey patched) modules could help us to skirt layers that are possibly badly monkey patched on higher level modules (urllib, requests, etc...). [1] https://github.com/eventlet/eventlet/issues/526#issuecomment-482694279 [2] https://github.com/eventlet/eventlet/issues/526 Change-Id: Id44ad12a1cf3fd7090a67bb6e8e42bfdc47502cf Partial-Bug: #1482633 --- oslo_service/tests/test_wsgi.py | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/oslo_service/tests/test_wsgi.py b/oslo_service/tests/test_wsgi.py index 62f57ea9..9e19373a 100644 --- a/oslo_service/tests/test_wsgi.py +++ b/oslo_service/tests/test_wsgi.py @@ -265,6 +265,17 @@ class TestWSGIServer(WsgiTestCase): server.stop() +def requesting(host, port, ca_certs, method="POST", + content_type="application/x-www-form-urlencoded"): + frame = bytes("{verb} / HTTP/1.1\r\n\r\n".format(verb=method), "utf-8") + with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock: + with eventlet.wrap_ssl(sock, ca_certs=ca_certs) as wrappedSocket: + wrappedSocket.connect((host, port)) + wrappedSocket.send(frame) + data = wrappedSocket.recv(1024).decode() + return data + + class TestWSGIServerWithSSL(WsgiTestCase): """WSGI server with SSL tests.""" @@ -273,26 +284,29 @@ class TestWSGIServerWithSSL(WsgiTestCase): cert_file_name = os.path.join(SSL_CERT_DIR, 'certificate.crt') key_file_name = os.path.join(SSL_CERT_DIR, 'privatekey.key') eventlet.monkey_patch(os=False, thread=False) + self.host = "127.0.0.1" self.config(cert_file=cert_file_name, key_file=key_file_name, group=sslutils.config_section) - @testtools.skip("bug/1482633: test hangs on Python 3") def test_ssl_server(self): def test_app(env, start_response): start_response('200 OK', {}) return ['PONG'] fake_ssl_server = wsgi.Server(self.conf, "fake_ssl", test_app, - host="127.0.0.1", port=0, use_ssl=True) + host=self.host, port=0, use_ssl=True) fake_ssl_server.start() self.assertNotEqual(0, fake_ssl_server.port) - response = requests.post( - 'https://127.0.0.1:%s/' % fake_ssl_server.port, - verify=os.path.join(SSL_CERT_DIR, 'ca.crt'), data='PING') - self.assertEqual('PONG', response.text) + response = requesting( + method='GET', + host=self.host, + port=fake_ssl_server.port, + ca_certs=os.path.join(SSL_CERT_DIR, 'ca.crt'), + ) + self.assertEqual('PONG', response[-4:]) fake_ssl_server.stop() fake_ssl_server.wait()