Skip to content

Commit

Permalink
Fix usage of proxy.py in test_proxy_functional (#7773) (#7877)
Browse files Browse the repository at this point in the history
(cherry picked from commit 4d9fc63)
  • Loading branch information
bdraco authored Nov 23, 2023
1 parent 45147c4 commit a5e8aba
Showing 1 changed file with 30 additions and 46 deletions.
76 changes: 30 additions & 46 deletions tests/test_proxy_functional.py
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
import asyncio
import functools
import os
import pathlib
import platform
import ssl
import sys
from re import match as match_regex
from unittest import mock
from uuid import uuid4
Expand All @@ -13,8 +13,8 @@

import aiohttp
from aiohttp import web
from aiohttp.client_exceptions import ClientConnectionError, ClientProxyConnectionError
from aiohttp.helpers import IS_MACOS, IS_WINDOWS, PY_310
from aiohttp.client_exceptions import ClientConnectionError
from aiohttp.helpers import IS_MACOS, IS_WINDOWS

pytestmark = [
pytest.mark.filterwarnings(
Expand All @@ -28,20 +28,7 @@
]


secure_proxy_xfail_under_py310_linux = functools.partial(
pytest.mark.xfail,
PY_310 and platform.system() == "Linux",
reason=(
"The secure proxy fixture does not seem to work "
"under Python 3.10 on Linux. "
"See https://github.com/abhinavsingh/proxy.py/issues/622."
),
)

ASYNCIO_SUPPORTS_TLS_IN_TLS = hasattr(
asyncio.sslproto._SSLProtocolTransport,
"_start_tls_compatible",
)
ASYNCIO_SUPPORTS_TLS_IN_TLS = sys.version_info >= (3, 11)


@pytest.fixture
Expand All @@ -51,6 +38,9 @@ def secure_proxy_url(tls_certificate_pem_path):
This fixture also spawns that instance and tears it down after the test.
"""
proxypy_args = [
# --threadless does not work on windows, see
# https://github.com/abhinavsingh/proxy.py/issues/492
"--threaded" if os.name == "nt" else "--threadless",
"--num-workers",
"1", # the tests only send one query anyway
"--hostname",
Expand Down Expand Up @@ -112,32 +102,20 @@ async def handler(*args, **kwargs):
)


@pytest.fixture
def _pretend_asyncio_supports_tls_in_tls(
monkeypatch,
web_server_endpoint_type,
):
if web_server_endpoint_type != "https" or ASYNCIO_SUPPORTS_TLS_IN_TLS:
return

# for https://github.com/python/cpython/pull/28073
# and https://bugs.python.org/issue37179
monkeypatch.setattr(
asyncio.sslproto._SSLProtocolTransport,
"_start_tls_compatible",
True,
raising=False,
)


@secure_proxy_xfail_under_py310_linux(raises=ClientProxyConnectionError)
@pytest.mark.skipif(
not ASYNCIO_SUPPORTS_TLS_IN_TLS,
reason="asyncio on this python does not support TLS in TLS",
)
@pytest.mark.parametrize("web_server_endpoint_type", ("http", "https"))
@pytest.mark.usefixtures("_pretend_asyncio_supports_tls_in_tls", "loop")
@pytest.mark.filterwarnings(r"ignore:.*ssl.OP_NO_SSL*")
# Filter out the warning from
# https://github.com/abhinavsingh/proxy.py/blob/30574fd0414005dfa8792a6e797023e862bdcf43/proxy/common/utils.py#L226
# otherwise this test will fail because the proxy will die with an error.
async def test_secure_https_proxy_absolute_path(
client_ssl_ctx,
secure_proxy_url,
web_server_endpoint_url,
web_server_endpoint_payload,
client_ssl_ctx: ssl.SSLContext,
secure_proxy_url: URL,
web_server_endpoint_url: str,
web_server_endpoint_payload: str,
) -> None:
"""Ensure HTTP(S) sites are accessible through a secure proxy."""
conn = aiohttp.TCPConnector()
Expand All @@ -160,13 +138,19 @@ async def test_secure_https_proxy_absolute_path(
await asyncio.sleep(0.1)


@secure_proxy_xfail_under_py310_linux(raises=AssertionError)
@pytest.mark.parametrize("web_server_endpoint_type", ("https",))
@pytest.mark.usefixtures("loop")
@pytest.mark.skipif(
ASYNCIO_SUPPORTS_TLS_IN_TLS, reason="asyncio on this python supports TLS in TLS"
)
@pytest.mark.filterwarnings(r"ignore:.*ssl.OP_NO_SSL*")
# Filter out the warning from
# https://github.com/abhinavsingh/proxy.py/blob/30574fd0414005dfa8792a6e797023e862bdcf43/proxy/common/utils.py#L226
# otherwise this test will fail because the proxy will die with an error.
async def test_https_proxy_unsupported_tls_in_tls(
client_ssl_ctx,
secure_proxy_url,
web_server_endpoint_type,
client_ssl_ctx: ssl.SSLContext,
secure_proxy_url: URL,
web_server_endpoint_type: str,
) -> None:
"""Ensure connecting to TLS endpoints w/ HTTPS proxy needs patching.
Expand Down

0 comments on commit a5e8aba

Please sign in to comment.