[tor-commits] [ooni-probe/develop] Fix bug where conflicting SSL context choices was not explained to the user.
isis at torproject.org
isis at torproject.org
Thu Jun 6 16:41:38 UTC 2013
commit c89288d28281e17dee02400ab03d4e5b1f32864f
Author: Isis Lovecruft <isis at torproject.org>
Date: Mon Apr 22 00:35:17 2013 +0000
Fix bug where conflicting SSL context choices was not explained to the user.
---
nettests/experimental/tls_handshake.py | 22 ++++++++++++++++------
1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/nettests/experimental/tls_handshake.py b/nettests/experimental/tls_handshake.py
index 1ac3661..89a9bd9 100644
--- a/nettests/experimental/tls_handshake.py
+++ b/nettests/experimental/tls_handshake.py
@@ -152,13 +152,23 @@ class HandshakeTest(nettest.NetTestCase):
if options['host']:
self.host = options['host']
+ ## If no context was chosen, explain our default to the user:
+ if not (options['ssl2'] or options['ssl3'] or options['tls1']):
+ try: raise SSLContextError('NO_CONTEXT')
+ except SSLContextError as sce: log.err(sce.message)
else:
- try:
- raise NoSSLContextError(
- "No SSL/TLS context chosen! Defaulting to TLSv1...")
- except NoSSLContextError, ncse:
- log.err(ncse.message)
- self.context = SSL.Context(SSL.TLSv1_METHOD)
+ ## If incompatible contexts were chosen, inform the user:
+ if options['tls1'] and (options['ssl2'] or options['ssl3']):
+ try: raise SSLContextError('INCOMPATIBLE')
+ except SSLContextError as sce: log.err(sce.message)
+ finally: log.msg('Defaulting to testing only TLSv1.')
+ elif options['ssl2']:
+ if not options['ssl3']:
+ self.context = SSL.Context(SSL.SSLv2_METHOD)
+ else:
+ self.context = SSL.Context(SSL.SSLv23_METHOD)
+ elif options['ssl3']:
+ self.context = SSL.Context(SSL.SSLv3_METHOD)
if not options['ciphersuite']:
self.ciphers = firefox_ciphers
More information about the tor-commits
mailing list