| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add tests for specific TLS/SSL versions
* Add change and update bindings
* SSLSocket.version() not available sometimes
* Add support for kTLSProtocolMaxSupported
* Try setProtocolVersionMax again if error
* Get ctypes.c_uint.value for SSLSocket.version()
* Opt-in TLS 1.3 on macOS 10.13
* Update tornado to 5.1.1
* Add documentation updates for TLSv1.3
* Add wbond/oscrypto license to contrib/securetransport
* Remove all TLS 1.3 ciphersuites from DEFAULT_CIPHERS
* Experiment showing cipher list per protocol
* Update test_https.py
* Update test_https.py
* Update test_https.py
* Update changelog wording to exclude pyOpenSSL
* minor rewording
* Add support for IPv6 in subjectAltName
* Don't use OP_ALL
* Update CHANGES.rst
* No PROTOCOL_TLSv1_3
* Remove DSS, rearrange SecureTransport ciphers
* Use ECDSA before RSA with ECDHE
* ReviReorder ciphers
* ECDHE
* Update test_https.py
* Turns out we don't need version detection
* Reorder per Hyneks post and favor ephemeral
* Refactor HTTPS unit tests
* Fix up tests
* Test locking pytest-httpbin
* Update requests.sh
* remove whitespace
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Revert "Fix test_client_no_intermediate on macOS 10.13+ (#1412)"
This reverts commit 6ef3c06249b7144838b6701c6e9adfa76650ccea. The test
was supposed to test a missing intermediate CA, but after that change it
was testing a missing root CA.
* Stop testing known bad test on macOS 10.13
macOS 10.13 (used by Travis) rejects serial numbers which are more than
36 bytes long, and those tests use certificates with 38 bytes serial
numbers.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Given that large portions of the existing test base blindly import ssl,
and given that if the ssl module exists, CERT_OPTIONAL will be present,
just import ssl unconditionally and use ssl.CERT_OPTIONAL where needed.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* update dummyserver /certificate endpoint to return a json dict of the
subject of the client certificate used to connect (needed for py26
compatibility)
* update test_client_intermediate to use assertDictEquals to test the
returned certificate info from /certificate
* update test_client_no_intermediate to call request with retries=False,
as certificate authentication failure isn't something that will
resolve itself through retries.
tests currently pass on py26, py27, py34, py35, and py36 on my mac.
|
| |
|
|
|
| |
+ Where applicable, using implicit line continuations
+ Moved certificate serial number constant to a more central location
|
| |
|
|
| |
certificate tests
|
| |\ |
|
| | | |
|
| |/ |
|
| |
|
|
|
|
| |
If the client thread called connect() by the time the server thread
actually accept()ed connections, the client got a connection refused
error.
|
| | |
|
| |
|
|
|
| |
Sleep for the seconds specifed by Retry-After response header before
retrying the request.
|
| | |
|
| |\
| |
| | |
Add SOCKS support.
|
| | | |
|
| |/ |
|
| |
|
|
| |
Add tox rule to prevent regressions.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
On systems with IPv6 disabled all IPv6 unit tests will now be skipped,
instead of throwing an exception.
On some IPv6 enabled systems with badly configured DNS, where the IPv6
loopback address ::1 is not assigned to localhost, the unit tests will
fallback to using IPv4 for tests that bind to localhost instead of
throwing an socket.gaierror exception. IPv6 tests that bind directly to
::1 will continue to be run.
|
| | |
|
| |
|
|
| |
Fixes #568
|
| |
|
|
| |
Also kill server if the testsuite fails.
|
| |
|
|
|
|
|
| |
I didn't find a way to launch dummyserver stand-alone. Helps writing tests
if you can launch the dummyserver and just shoot at it with HTTPie.
$ python -m dummyserver.server
|
| |
|
|
| |
Also add instructions for future selves needing to generate new certificates and pem files
|
| | |
|
| |
|
|
|
|
|
| |
If Windows finds the connection host it retries up to two
seconds before raising the connection error even when the
port is not available. We speed this up by using a non-existent
host name.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
On Windows, socket.create_connection is delayed one second
if the host supports IPv6 and there is no listening IPv6 socket.
We fixed this with a updated version of bind_sockets which
uses the same port on IPv4 and IPv6 if automatic allocation is
requested.
See this upstream PR for details:
https://github.com/facebook/tornado/pull/977
|
| |
|
|
|
| |
Use an explicit IOLoop instance so it should be more clear what's going
on internally.
|
| |
|
|
| |
Related: https://github.com/facebook/tornado/pull/777
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |\
| |
| | |
Do not use REUSEADDR on Windows.
|
| | | |
|
| |/ |
|
| | |
|
| |
|
|
| |
address. Should work fine on IPv6, too. fixes issue #59
|
| |\
| |
| |
| | |
dummyserver. Lots of sexy refactoring.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
