Add tests for config

Separate cert and key paths into its own fixture

diff --git a/tests/conftest.py b/tests/conftest.py
index cc84fbb4f7639a118b4a38d5a4dad6b0bebbb974..32e7ddd5033243604962a973bdc646fb8cba4623 100644 (file)
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -1,5 +1,4 @@
 import asyncio
-import os
 
 import pytest
 import trustme
@@ -52,6 +51,14 @@ async def status_code(scope, receive, send):
     await send({"type": "http.response.body", "body": b"Hello, world!"})
 
 
+@pytest.fixture
+def cert_and_key_paths():
+    ca = trustme.CA()
+    ca.issue_cert("example.org")
+    with ca.cert_pem.tempfile() as cert_temp_path, ca.private_key_pem.tempfile() as key_temp_path:
+        yield cert_temp_path, key_temp_path
+
+
 @pytest.fixture
 async def server():
     config = Config(app=app, lifespan="off")
@@ -67,17 +74,11 @@ async def server():
 
 
 @pytest.fixture
-async def https_server():
-    ca = trustme.CA()
-    server_cert = ca.issue_cert("example.org")
-    with ca.cert_pem.tempfile() as cert_temp_path, ca.private_key_pem.tempfile() as key_temp_path:
-        config = Config(
-            app=app,
-            lifespan="off",
-            ssl_certfile=cert_temp_path,
-            ssl_keyfile=key_temp_path,
-            port=8001,
-        )
+async def https_server(cert_and_key_paths):
+    cert_path, key_path = cert_and_key_paths
+    config = Config(
+        app=app, lifespan="off", ssl_certfile=cert_path, ssl_keyfile=key_path, port=8001
+    )
     server = Server(config=config)
     task = asyncio.ensure_future(server.serve())
     try:

diff --git a/tests/test_config.py b/tests/test_config.py
index 411e1e7e208b7cd71f9bd43530cca11ca579fbfd..bf12edb27df66ac984762e0901e1c374422fa0c7 100644 (file)
--- a/tests/test_config.py
+++ b/tests/test_config.py
@@ -1,3 +1,4 @@
+import os
 import ssl
 
 import pytest
@@ -12,6 +13,44 @@ async def test_load_ssl_config():
     assert context.verify_mode == ssl.VerifyMode.CERT_REQUIRED
 
 
+@pytest.mark.asyncio
+async def test_load_ssl_config_verify_non_existing_path():
+    ssl_config = httpcore.SSLConfig(verify="/path/to/nowhere")
+    with pytest.raises(IOError):
+        await ssl_config.load_ssl_context()
+
+
+@pytest.mark.asyncio
+async def test_load_ssl_config_verify_existing_file():
+    ssl_config = httpcore.SSLConfig(verify=httpcore.config.DEFAULT_CA_BUNDLE_PATH)
+    context = await ssl_config.load_ssl_context()
+    assert context.verify_mode == ssl.VerifyMode.CERT_REQUIRED
+
+
+@pytest.mark.asyncio
+async def test_load_ssl_config_verify_directory():
+    path = os.path.dirname(httpcore.config.DEFAULT_CA_BUNDLE_PATH)
+    ssl_config = httpcore.SSLConfig(verify=path)
+    context = await ssl_config.load_ssl_context()
+    assert context.verify_mode == ssl.VerifyMode.CERT_REQUIRED
+
+
+@pytest.mark.asyncio
+async def test_load_ssl_config_cert_and_key(cert_and_key_paths):
+    cert_path, key_path = cert_and_key_paths
+    ssl_config = httpcore.SSLConfig(cert=(cert_path, key_path))
+    context = await ssl_config.load_ssl_context()
+    assert context.verify_mode == ssl.VerifyMode.CERT_REQUIRED
+
+
+@pytest.mark.asyncio
+async def test_load_ssl_config_cert_without_key_raises(cert_and_key_paths):
+    cert_path, _ = cert_and_key_paths
+    ssl_config = httpcore.SSLConfig(cert=cert_path)
+    with pytest.raises(ssl.SSLError):
+        await ssl_config.load_ssl_context()
+
+
 @pytest.mark.asyncio
 async def test_load_ssl_config_no_verify(verify=False):
     ssl_config = httpcore.SSLConfig(verify=False)