mirror of
https://github.com/GAM-team/GAM.git
synced 2026-07-03 12:21:35 +00:00
generalize TLS test
This commit is contained in:
@@ -134,7 +134,9 @@ script:
|
||||
- $gam version | grep travis # travis should be part of the path (not /tmp or such)
|
||||
- if [ "$VMTYPE" == "build" ]; then $gam version | grep "Python ${BUILD_PYTHON_VERSION//./\\.}"; fi # We should be building with latest Python
|
||||
- if [ "$VMTYPE" == "build" ]; then $gam version extended | grep "OpenSSL ${BUILD_OPENSSL_VERSION//./\\.}"; fi # We should be using OpenSSL 1.1.1+
|
||||
- if [ "$VMTYPE" == "build" ]; then $gam version extended | grep TLSv1\.[23]; fi # Builds should support TLS 1.2 or 1.3 to Google
|
||||
- if [ "$VMTYPE" == "build" ]; then $gam version extended | grep TLSv1\.[23]; fi # Builds should default TLS 1.2 or 1.3 to Google
|
||||
- if [ "$VMTYPE" == "build" ]; then GAM_TLS_MIN_VERSION=TLSv1 GAM_TLS_MAX_VERSION=TLSv1 $gam version extended | grep TLSv1\.0; fi # Force TLS 1.0
|
||||
- if [ "$VMTYPE" == "build" ]; then GAM_TLS_MIN_VERSION=TLSv1_2 gamd version extended location tls-v1-0.badssl.com:1010; [[ $? == 3 ]]
|
||||
- export jid="$(cut -d'.' -f2 <<<"$TRAVIS_JOB_NUMBER")"
|
||||
- if [ "$TRAVIS_EVENT_TYPE" != "pull_request" ]; then export e2e=true; fi
|
||||
- if [ "$e2e" = true ]; then export gam_user=gam-travis-$jid@pdl.jaylee.us; fi
|
||||
|
||||
21
src/gam.py
21
src/gam.py
@@ -53,7 +53,7 @@ import http.client as http_client
|
||||
from email.mime.text import MIMEText
|
||||
from multiprocessing import Pool
|
||||
from multiprocessing import freeze_support
|
||||
from urllib.parse import urlencode
|
||||
from urllib.parse import urlencode, urlparse
|
||||
from passlib.hash import sha512_crypt
|
||||
import dns.resolver
|
||||
import dateutil.parser
|
||||
@@ -808,6 +808,7 @@ def doGAMVersion(checkForArgs=True):
|
||||
force_check = False
|
||||
simple = False
|
||||
extended = False
|
||||
testLocation = 'www.googleapis.com'
|
||||
if checkForArgs:
|
||||
i = 2
|
||||
while i < len(sys.argv):
|
||||
@@ -821,6 +822,9 @@ def doGAMVersion(checkForArgs=True):
|
||||
elif myarg == 'extended':
|
||||
extended = True
|
||||
i += 1
|
||||
elif myarg == 'location':
|
||||
testLocation = sys.argv[i+1]
|
||||
i += 2
|
||||
else:
|
||||
systemErrorExit(2, '%s is not a valid argument for "gam version"' % sys.argv[i])
|
||||
if simple:
|
||||
@@ -835,10 +839,17 @@ def doGAMVersion(checkForArgs=True):
|
||||
doGAMCheckForUpdates(forceCheck=True)
|
||||
if extended:
|
||||
print(ssl.OPENSSL_VERSION)
|
||||
httpc = _createHttpObj()
|
||||
httpc.request('https://www.googleapis.com')
|
||||
cipher_name, tls_ver, _ = httpc.connections['https:www.googleapis.com'].sock.cipher()
|
||||
print('www.googleapis.com connects using %s %s' % (tls_ver, cipher_name))
|
||||
tls_ver, cipher_name = _getServerTLSUsed(testLocation)
|
||||
print('%s connects using %s %s' % (testLocation, tls_ver, cipher_name))
|
||||
|
||||
def _getServerTLSUsed(location):
|
||||
url = 'https://%s' % location
|
||||
_, netloc, _, _, _, _ = urlparse(url)
|
||||
conn = 'https:%s' % netloc
|
||||
httpc = _createHttpObj()
|
||||
httpc.request(url)
|
||||
cipher_name, tls_ver, _ = httpc.connections[conn].sock.cipher()
|
||||
return tls_ver, cipher_name
|
||||
|
||||
def handleOAuthTokenError(e, soft_errors):
|
||||
if e.replace('.', '') in OAUTH2_TOKEN_ERRORS or e.startswith('Invalid response'):
|
||||
|
||||
Reference in New Issue
Block a user