Skip to content

Commit

Permalink
Fix PKI OWS tests: use TLS 1.2
Browse files Browse the repository at this point in the history
  • Loading branch information
@elpaso @nyalldawson
elpaso authored and nyalldawson committed Feb 8, 2021
1 parent 477d037 commit acf6d62
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 10 deletions.
4 changes: 2 additions & 2 deletions tests/src/python/qgis_wrapped_server.py
View file
Expand Up @@ -460,7 +460,7 @@ class ThreadedHTTPServer(ThreadingMixIn, HTTPServer):
keyfile=QGIS_SERVER_OAUTH2_KEY,
server_side=True,
# cert_reqs=ssl.CERT_REQUIRED, # No certs for OAuth2
ssl_version=ssl.PROTOCOL_TLSv1)
ssl_version=ssl.PROTOCOL_TLSv1_2)
else:
server.socket = ssl.wrap_socket(
server.socket,
Expand All @@ -469,7 +469,7 @@ class ThreadedHTTPServer(ThreadingMixIn, HTTPServer):
ca_certs=QGIS_SERVER_PKI_AUTHORITY,
cert_reqs=ssl.CERT_REQUIRED,
server_side=True,
ssl_version=ssl.PROTOCOL_TLSv1)
ssl_version=ssl.PROTOCOL_TLSv1_2)

print('Starting server on %s://%s:%s, use <Ctrl-C> to stop' %
('https' if HTTPS_ENABLED else 'http', QGIS_SERVER_HOST, server.server_port), flush=True)
Expand Down
14 changes: 6 additions & 8 deletions tests/src/python/test_authmanager_pki_ows.py
View file
Expand Up @@ -64,9 +64,9 @@ def setUpAuth(cls):
"""Run before all tests and set up authentication"""
authm = QgsApplication.authManager()
assert (authm.setMasterPassword('masterpassword', True))
cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'chains_subissuer-issuer-root_issuer2-root2.pem')
cls.sslcert = os.path.join(cls.certsdata_path, 'gerardus_cert.pem')
cls.sslkey = os.path.join(cls.certsdata_path, 'gerardus_key.pem')
cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'qgis_ca.crt')
cls.sslcert = os.path.join(cls.certsdata_path, 'Gerardus.crt')
cls.sslkey = os.path.join(cls.certsdata_path, 'Gerardus.key')
assert os.path.isfile(cls.sslcert)
assert os.path.isfile(cls.sslkey)
assert os.path.isfile(cls.sslrootcert_path)
Expand All @@ -86,10 +86,8 @@ def setUpAuth(cls):
assert (authm.storeAuthenticationConfig(cls.auth_config)[0])
assert cls.auth_config.isValid()

# cls.server_cert = os.path.join(cls.certsdata_path, 'localhost_ssl_cert.pem')
cls.server_cert = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_cert.pem')
# cls.server_key = os.path.join(cls.certsdata_path, 'localhost_ssl_key.pem')
cls.server_key = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_key.pem')
cls.server_cert = os.path.join(cls.certsdata_path, '127_0_0_1.crt')
cls.server_key = os.path.join(cls.certsdata_path, '127_0_0_1.key')
cls.server_rootcert = cls.sslrootcert_path
os.chmod(cls.server_cert, stat.S_IRUSR)
os.chmod(cls.server_key, stat.S_IRUSR)
Expand All @@ -115,7 +113,7 @@ def setUpClass(cls):
except KeyError:
pass
cls.testdata_path = unitTestDataPath('qgis_server')
cls.certsdata_path = os.path.join(unitTestDataPath('auth_system'), 'certs_keys')
cls.certsdata_path = os.path.join(unitTestDataPath('auth_system'), 'certs_keys_2048')
cls.project_path = os.path.join(cls.testdata_path, "test_project.qgs")
# cls.hostname = 'localhost'
cls.protocol = 'https'
Expand Down

0 comments on commit acf6d62

Please sign in to comment.