summaryrefslogtreecommitdiffstats
path: root/test/modules/tls/test_05_proto.py
diff options
context:
space:
mode:
Diffstat (limited to 'test/modules/tls/test_05_proto.py')
-rw-r--r--test/modules/tls/test_05_proto.py64
1 files changed, 64 insertions, 0 deletions
diff --git a/test/modules/tls/test_05_proto.py b/test/modules/tls/test_05_proto.py
new file mode 100644
index 0000000..d874a90
--- /dev/null
+++ b/test/modules/tls/test_05_proto.py
@@ -0,0 +1,64 @@
+import time
+from datetime import timedelta
+import socket
+from threading import Thread
+
+import pytest
+
+from .conf import TlsTestConf
+from .env import TlsTestEnv
+
+
+class TestProto:
+
+ @pytest.fixture(autouse=True, scope='class')
+ def _class_scope(self, env):
+ conf = TlsTestConf(env=env, extras={
+ env.domain_a: "TLSProtocol TLSv1.3+",
+ env.domain_b: [
+ "# the commonly used name",
+ "TLSProtocol TLSv1.2+",
+ "# the numeric one (yes, this is 1.2)",
+ "TLSProtocol TLSv0x0303+",
+ ],
+ })
+ conf.add_tls_vhosts(domains=[env.domain_a, env.domain_b])
+ conf.install()
+ assert env.apache_restart() == 0
+
+ @pytest.fixture(autouse=True, scope='function')
+ def _function_scope(self, env):
+ pass
+
+ def test_tls_05_proto_1_2(self, env):
+ r = env.tls_get(env.domain_b, "/index.json", options=["--tlsv1.2"])
+ assert r.exit_code == 0, r.stderr
+
+ @pytest.mark.skip('curl does not have TLSv1.3 on all platforms')
+ def test_tls_05_proto_1_3(self, env):
+ r = env.tls_get(env.domain_a, "/index.json", options=["--tlsv1.3", '-v'])
+ if True: # testing TlsTestEnv.curl_supports_tls_1_3() is unreliable (curl should support TLS1.3 nowadays..)
+ assert r.exit_code == 0, f'{r}'
+ else:
+ assert r.exit_code == 4, f'{r}'
+
+ def test_tls_05_proto_close(self, env):
+ s = socket.create_connection(('localhost', env.https_port))
+ time.sleep(0.1)
+ s.close()
+
+ def test_tls_05_proto_ssl_close(self, env):
+ conf = TlsTestConf(env=env, extras={
+ 'base': "LogLevel ssl:debug",
+ env.domain_a: "SSLProtocol TLSv1.3",
+ env.domain_b: "SSLProtocol TLSv1.2",
+ })
+ for d in [env.domain_a, env.domain_b]:
+ conf.add_vhost(domains=[d], port=env.https_port)
+ conf.install()
+ assert env.apache_restart() == 0
+ s = socket.create_connection(('localhost', env.https_port))
+ time.sleep(0.1)
+ s.close()
+
+