It expands to 4 values (tests) - IPv4 TCP, IPv6 TCP, IPv4 TLS, IPv6 TLS sockets
- `make_kresd_sock` is similar to `kresd_sock`, except it's a factory function that
produces a new connected socket (of the same type) on each call
-- `kresd`, `kresd_tt`, `kresd_tt_expired` are all Kresd instances, already running
- and initialized with config (with no / valid / expired TLS certificates)
+- `kresd`, `kresd_tt` are all Kresd instances, already running
+ and initialized with config (with no / valid TLS certificates)
yield kresd
-@pytest.fixture
-def kresd_tt_expired(tmpdir):
- with make_kresd(tmpdir, 'tt-expired') as kresd:
- yield kresd
-
-
@pytest.fixture(params=[
'ip_tcp_socket',
'ip6_tcp_socket',
ssock.connect(dest)
-def test_tls_cert_expired(kresd_tt_expired, sock_family):
- """Attempt to use expired certificate."""
- sock, dest = kresd_tt_expired.stream_socket(sock_family, tls=True)
- ctx = utils.make_ssl_context(verify_location=kresd_tt_expired.tls_cert_path)
- ssock = ctx.wrap_socket(sock, server_hostname='transport-test-server.com')
-
- with pytest.raises(ssl.SSLError):
- ssock.connect(dest)
-
-
@pytest.mark.skipif(sys.version_info < (3, 6),
reason="requires python3.6 or higher")
@pytest.mark.parametrize('sf1, sf2, sf3', itertools.product(
projects / thirdparty / knot-resolver.git / commitdiff
