Chromium Code Reviews Chromium Code Reviews
Issue 416683002:
This CL corrects a bug in which the OnHandshakeComplete callback for an ssl session was never called (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@r2| OLD | NEW |
|---|---|
| 1 #!/usr/bin/env python | 1 #!/usr/bin/env python |
| 2 # Copyright 2013 The Chromium Authors. All rights reserved. | 2 # Copyright 2013 The Chromium Authors. All rights reserved. |
| 3 # Use of this source code is governed by a BSD-style license that can be | 3 # Use of this source code is governed by a BSD-style license that can be |
| 4 # found in the LICENSE file. | 4 # found in the LICENSE file. |
| 5 | 5 |
| 6 """This is a simple HTTP/FTP/TCP/UDP/BASIC_AUTH_PROXY/WEBSOCKET server used for | 6 """This is a simple HTTP/FTP/TCP/UDP/BASIC_AUTH_PROXY/WEBSOCKET server used for |
| 7 testing Chrome. | 7 testing Chrome. |
| 8 | 8 |
| 9 It supports several test URLs, as specified by the handlers in TestPageHandler. | 9 It supports several test URLs, as specified by the handlers in TestPageHandler. |
| 10 By default, it listens on an ephemeral port and sends the port number back to | 10 By default, it listens on an ephemeral port and sends the port number back to |
| (...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 150 testserver_base.BrokenPipeHandlerMixIn, | 150 testserver_base.BrokenPipeHandlerMixIn, |
| 151 testserver_base.StoppableHTTPServer): | 151 testserver_base.StoppableHTTPServer): |
| 152 """This is a specialization of StoppableHTTPServer that add https support and | 152 """This is a specialization of StoppableHTTPServer that add https support and |
| 153 client verification.""" | 153 client verification.""" |
| 154 | 154 |
| 155 def __init__(self, server_address, request_hander_class, pem_cert_and_key, | 155 def __init__(self, server_address, request_hander_class, pem_cert_and_key, |
| 156 ssl_client_auth, ssl_client_cas, ssl_client_cert_types, | 156 ssl_client_auth, ssl_client_cas, ssl_client_cert_types, |
| 157 ssl_bulk_ciphers, ssl_key_exchanges, enable_npn, | 157 ssl_bulk_ciphers, ssl_key_exchanges, enable_npn, |
| 158 record_resume_info, tls_intolerant, | 158 record_resume_info, tls_intolerant, |
| 159 tls_intolerance_type, signed_cert_timestamps, | 159 tls_intolerance_type, signed_cert_timestamps, |
| 160 fallback_scsv_enabled, ocsp_response): | 160 fallback_scsv_enabled, ocsp_response, disable_session_cache): |
| 161 self.cert_chain = tlslite.api.X509CertChain() | 161 self.cert_chain = tlslite.api.X509CertChain() |
| 162 self.cert_chain.parsePemList(pem_cert_and_key) | 162 self.cert_chain.parsePemList(pem_cert_and_key) |
| 163 # Force using only python implementation - otherwise behavior is different | 163 # Force using only python implementation - otherwise behavior is different |
| 164 # depending on whether m2crypto Python module is present (error is thrown | 164 # depending on whether m2crypto Python module is present (error is thrown |
| 165 # when it is). m2crypto uses a C (based on OpenSSL) implementation under | 165 # when it is). m2crypto uses a C (based on OpenSSL) implementation under |
| 166 # the hood. | 166 # the hood. |
| 167 self.private_key = tlslite.api.parsePEMKey(pem_cert_and_key, | 167 self.private_key = tlslite.api.parsePEMKey(pem_cert_and_key, |
| 168 private=True, | 168 private=True, |
| 169 implementations=['python']) | 169 implementations=['python']) |
| 170 self.ssl_client_auth = ssl_client_auth | 170 self.ssl_client_auth = ssl_client_auth |
| (...skipping 23 matching lines...) Expand all Loading... | |
| 194 | 194 |
| 195 self.ssl_handshake_settings = tlslite.api.HandshakeSettings() | 195 self.ssl_handshake_settings = tlslite.api.HandshakeSettings() |
| 196 if ssl_bulk_ciphers is not None: | 196 if ssl_bulk_ciphers is not None: |
| 197 self.ssl_handshake_settings.cipherNames = ssl_bulk_ciphers | 197 self.ssl_handshake_settings.cipherNames = ssl_bulk_ciphers |
| 198 if ssl_key_exchanges is not None: | 198 if ssl_key_exchanges is not None: |
| 199 self.ssl_handshake_settings.keyExchangeNames = ssl_key_exchanges | 199 self.ssl_handshake_settings.keyExchangeNames = ssl_key_exchanges |
| 200 if tls_intolerant != 0: | 200 if tls_intolerant != 0: |
| 201 self.ssl_handshake_settings.tlsIntolerant = (3, tls_intolerant) | 201 self.ssl_handshake_settings.tlsIntolerant = (3, tls_intolerant) |
| 202 self.ssl_handshake_settings.tlsIntoleranceType = tls_intolerance_type | 202 self.ssl_handshake_settings.tlsIntoleranceType = tls_intolerance_type |
| 203 | 203 |
| 204 if record_resume_info: | 204 |
| 205 if disable_session_cache: | |
| 206 self.session_cache = None | |
| 207 elif record_resume_info: | |
| 205 # If record_resume_info is true then we'll replace the session cache with | 208 # If record_resume_info is true then we'll replace the session cache with |
| 206 # an object that records the lookups and inserts that it sees. | 209 # an object that records the lookups and inserts that it sees. |
| 207 self.session_cache = RecordingSSLSessionCache() | 210 self.session_cache = RecordingSSLSessionCache() |
| 208 else: | 211 else: |
| 209 self.session_cache = tlslite.api.SessionCache() | 212 self.session_cache = tlslite.api.SessionCache() |
| 210 testserver_base.StoppableHTTPServer.__init__(self, | 213 testserver_base.StoppableHTTPServer.__init__(self, |
| 211 server_address, | 214 server_address, |
| 212 request_hander_class) | 215 request_hander_class) |
| 213 | 216 |
| 214 def handshake(self, tlsConnection): | 217 def handshake(self, tlsConnection): |
| (...skipping 1764 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1979 self.options.ssl_client_cert_type, | 1982 self.options.ssl_client_cert_type, |
| 1980 self.options.ssl_bulk_cipher, | 1983 self.options.ssl_bulk_cipher, |
| 1981 self.options.ssl_key_exchange, | 1984 self.options.ssl_key_exchange, |
| 1982 self.options.enable_npn, | 1985 self.options.enable_npn, |
| 1983 self.options.record_resume, | 1986 self.options.record_resume, |
| 1984 self.options.tls_intolerant, | 1987 self.options.tls_intolerant, |
| 1985 self.options.tls_intolerance_type, | 1988 self.options.tls_intolerance_type, |
| 1986 self.options.signed_cert_timestamps_tls_ext.decode( | 1989 self.options.signed_cert_timestamps_tls_ext.decode( |
| 1987 "base64"), | 1990 "base64"), |
| 1988 self.options.fallback_scsv, | 1991 self.options.fallback_scsv, |
| 1989 stapled_ocsp_response) | 1992 stapled_ocsp_response, |
| 1993 self.options.disable_session_cache) | |
| 1990 print 'HTTPS server started on https://%s:%d...' % \ | 1994 print 'HTTPS server started on https://%s:%d...' % \ |
| 1991 (host, server.server_port) | 1995 (host, server.server_port) |
| 1992 else: | 1996 else: |
| 1993 server = HTTPServer((host, port), TestPageHandler) | 1997 server = HTTPServer((host, port), TestPageHandler) |
| 1994 print 'HTTP server started on http://%s:%d...' % \ | 1998 print 'HTTP server started on http://%s:%d...' % \ |
| 1995 (host, server.server_port) | 1999 (host, server.server_port) |
| 1996 | 2000 |
| 1997 server.data_dir = self.__make_data_dir() | 2001 server.data_dir = self.__make_data_dir() |
| 1998 server.file_root_url = self.options.file_root_url | 2002 server.file_root_url = self.options.file_root_url |
| 1999 server_data['port'] = server.server_port | 2003 server_data['port'] = server.server_port |
| (...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2079 if self.__ocsp_server: | 2083 if self.__ocsp_server: |
| 2080 self.__ocsp_server.serve_forever_on_thread() | 2084 self.__ocsp_server.serve_forever_on_thread() |
| 2081 | 2085 |
| 2082 testserver_base.TestServerRunner.run_server(self) | 2086 testserver_base.TestServerRunner.run_server(self) |
| 2083 | 2087 |
| 2084 if self.__ocsp_server: | 2088 if self.__ocsp_server: |
| 2085 self.__ocsp_server.stop_serving() | 2089 self.__ocsp_server.stop_serving() |
| 2086 | 2090 |
| 2087 def add_options(self): | 2091 def add_options(self): |
| 2088 testserver_base.TestServerRunner.add_options(self) | 2092 testserver_base.TestServerRunner.add_options(self) |
| 2093 self.option_parser.add_option('--session-cache', action='store_true', | |
| 2094 dest='disable_session_cache', | |
| 2095 help='tells the server to use a None' | |
| 2096 'session cache.') | |
|
Ryan Sleevi
2014/08/07 00:27:41
1) Description still needs updating
2) Did you mea
mshelley
2014/08/07 00:55:05
Ahh yes should have been disable, sorry about that
| |
| 2089 self.option_parser.add_option('-f', '--ftp', action='store_const', | 2097 self.option_parser.add_option('-f', '--ftp', action='store_const', |
| 2090 const=SERVER_FTP, default=SERVER_HTTP, | 2098 const=SERVER_FTP, default=SERVER_HTTP, |
| 2091 dest='server_type', | 2099 dest='server_type', |
| 2092 help='start up an FTP server.') | 2100 help='start up an FTP server.') |
| 2093 self.option_parser.add_option('--tcp-echo', action='store_const', | 2101 self.option_parser.add_option('--tcp-echo', action='store_const', |
| 2094 const=SERVER_TCP_ECHO, default=SERVER_HTTP, | 2102 const=SERVER_TCP_ECHO, default=SERVER_HTTP, |
| 2095 dest='server_type', | 2103 dest='server_type', |
| 2096 help='start up a tcp echo server.') | 2104 help='start up a tcp echo server.') |
| 2097 self.option_parser.add_option('--udp-echo', action='store_const', | 2105 self.option_parser.add_option('--udp-echo', action='store_const', |
| 2098 const=SERVER_UDP_ECHO, default=SERVER_HTTP, | 2106 const=SERVER_UDP_ECHO, default=SERVER_HTTP, |
| (...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2209 self.option_parser.add_option('--file-root-url', default='/files/', | 2217 self.option_parser.add_option('--file-root-url', default='/files/', |
| 2210 help='Specify a root URL for files served.') | 2218 help='Specify a root URL for files served.') |
| 2211 # TODO(ricea): Generalize this to support basic auth for HTTP too. | 2219 # TODO(ricea): Generalize this to support basic auth for HTTP too. |
| 2212 self.option_parser.add_option('--ws-basic-auth', action='store_true', | 2220 self.option_parser.add_option('--ws-basic-auth', action='store_true', |
| 2213 dest='ws_basic_auth', | 2221 dest='ws_basic_auth', |
| 2214 help='Enable basic-auth for WebSocket') | 2222 help='Enable basic-auth for WebSocket') |
| 2215 | 2223 |
| 2216 | 2224 |
| 2217 if __name__ == '__main__': | 2225 if __name__ == '__main__': |
| 2218 sys.exit(ServerRunner().main()) | 2226 sys.exit(ServerRunner().main()) |
| OLD | NEW |
