source: mod_gnutls/test/tests/36_OCSP_server_nonce/hooks.py @ b6ce8ad

main mod_gnutls/0.12.0
Last change on this file since b6ce8ad was 5357109, checked in by Fiona Klute <fiona.klute@…>, 2 years ago

Fix flake8 warnings in test hooks.py
  • Property mode set to 100644
File size: 2.1 KB
Line 
1import base64
2import os
3import re
4from mgstest import require_match, TestExpectationFailed
5from mgstest.ocsp import OCSPRequest, OCSPResponse
6from pathlib import Path
7from unittest import SkipTest
8
9
10LOGFILE = Path('logs/36_OCSP_server_nonce.ocsp.error.log')
11LOGFILE_POSITION = 0
12
13
14def prepare_env():
15    if 'OCSP_PORT' not in os.environ:
16        raise SkipTest('OCSP_PORT is not set, check if openssl is available.')
17
18    # Seek to the end of server log
19    if LOGFILE.exists():
20        global LOGFILE_POSITION
21        LOGFILE_POSITION = LOGFILE.stat().st_size
22
23
24def post_check(conn_log, response_log):
25    print('Checking if the client actually got a stapled response:')
26    print(require_match(re.compile(r'^- Options: .*OCSP status request,'),
27                        conn_log).group(0))
28
29    print('Checking for outputs/36-ocsp.der:')
30    ocsp_response = OCSPResponse.parse_file('outputs/36-ocsp.der')
31    print(ocsp_response)
32
33    print('Checking if the client got a nonce in the stapled response:')
34    resp_nonce = ocsp_response.get_field('nonce').get_value()
35    print(resp_nonce)
36
37    print('Checking if the server log contains an OCSP request')
38    with LOGFILE.open() as log:
39        print(f'Seeking to position {LOGFILE_POSITION}')
40        log.seek(LOGFILE_POSITION)
41        ocsp_request = None
42
43        while ocsp_request is None:
44            log_match = require_match(
45                re.compile(r"Received OCSP request: '([^']*)'"), log)
46            test_request = OCSPRequest.parse_str(
47                base64.b64decode(log_match.group(1)))
48            print(repr(test_request))
49            if ocsp_response.matches_request(test_request):
50                print("Request matches response")
51                ocsp_request = test_request
52            else:
53                print("Request doesn't match response")
54
55    print('Checking if the OCSP request has a nonce')
56    req_nonce = ocsp_request.get_field('nonce').get_value()
57    print(req_nonce)
58
59    print('Checking if the request and response nonces match')
60    if resp_nonce != req_nonce:
61        raise TestExpectationFailed('Nonce mismatch!')
Note: See TracBrowser for help on using the repository browser.