Fix the pywsgi SSLContext tests on Python 2.7

Don't define them on 2.7.8. Add a changelog entry. Fixes #904

Fix the pywsgi SSLContext tests on Python 2.7
Don't define them on 2.7.8. Add a changelog entry. Fixes #904
5a8899ae · Jason Madden · 4bead9db · 5a8899ae · 5a8899ae
Commit 5a8899ae authored Dec 08, 2016 by Jason Madden
Hide whitespace changes
Inline Side-by-side

Showing with 25 additions and 9 deletions

changelog.rst changelog.rst +2 -0

src/greentest/test__pywsgi.py src/greentest/test__pywsgi.py +23 -9

No files found.
--- a/changelog.rst
+++ b/changelog.rst
@@ -12,6 +12,8 @@
  on non-Windows systems for ease of development on BSD systems where
  ``make`` is BSD make and ``gmake`` is GNU make (gevent requires GNU
  make). See :issue:`888`.
+- Let :class:`gevent.server.StreamServer` accept an ``SSLContext`` on
+  Python versions that support it. Added in :pr:`904` by Arcadiy Ivanov.

 1.2a1 (Oct 27, 2016)
 ====================

--- a/src/greentest/test__pywsgi.py
+++ b/src/greentest/test__pywsgi.py
@@ -741,13 +741,26 @@ class HttpsTestCase(TestCase):
        start_response('200 OK', [('Content-Type', 'text/plain')])
        return [environ['wsgi.input'].read(10)]

-
-class HttpsSslContextTestCase(HttpsTestCase):
-    def init_server(self, application):
-        from ssl import create_default_context
-        context = create_default_context()
-        context.load_cert_chain(certfile=self.certfile, keyfile=self.keyfile)
-        self.server = pywsgi.WSGIServer(('127.0.0.1', 0), application, ssl_context=context)
+try:
+    from ssl import create_default_context as _
+except ImportError:
+    HAVE_SSLCONTEXT = False
+else:
+    HAVE_SSLCONTEXT = True
+
+    class HttpsSslContextTestCase(HttpsTestCase):
+        def init_server(self, application):
+            # On 2.7, our certs don't line up with hostname.
+            # If we just use create_default_context as-is, we get
+            # `ValueError: check_hostname requires server_hostname`.
+            # If we set check_hostname to False, we get
+            # `SSLError: [SSL: PEER_DID_NOT_RETURN_A_CERTIFICATE] peer did not return a certificate`
+            # (Neither of which happens in Python 3.) But the unverified context
+            # works both places. See also test___example_servers.py
+            from ssl import _create_unverified_context
+            context = _create_unverified_context()
+            context.load_cert_chain(certfile=self.certfile, keyfile=self.keyfile)
+            self.server = pywsgi.WSGIServer(('127.0.0.1', 0), application, ssl_context=context)

 class TestHttps(HttpsTestCase):

@@ -761,8 +774,9 @@ class TestHttps(HttpsTestCase):
            result = self.urlopen()
            self.assertEquals(result.body, '')

-class TestHttpsWithContext(HttpsSslContextTestCase, TestHttps):
-    pass
+if HAVE_SSLCONTEXT:
+    class TestHttpsWithContext(HttpsSslContextTestCase, TestHttps):
+        pass

 class TestInternational(TestCase):
    validator = None  # wsgiref.validate.IteratorWrapper([]) does not have __len__