Ubuntu One Client

Merge lp:~alecu/ubuntuone-client/txweb-ssl-3-0 into lp:ubuntuone-client/stable-3-0

txweb-ssl-3-0
Merge into stable-3-0

Proposed by Alejandro J. Cura on 2012-06-13

Status:

Merged

Approved by:

Alejandro J. Cura on 2012-06-13

Approved revision:

1193

Merged at revision:

1193

Proposed branch:

lp:~alecu/ubuntuone-client/txweb-ssl-3-0

Merge into:

lp:ubuntuone-client/stable-3-0

Diff against target:

156 lines (+78/-22)

2 files modified

tests/syncdaemon/test_action_queue.py (+67/-12)
ubuntuone/syncdaemon/action_queue.py (+11/-10)

To merge this branch:

bzr merge lp:~alecu/ubuntuone-client/txweb-ssl-3-0

High

Fix Released

Link a bug report

Reviewer	Date Requested	Status
Roberto Alsina (community)		Approve on 2012-06-13
dobey (community)	2012-06-13	Approve on 2012-06-13
Review via email: mp+110165@code.launchpad.net

Commit message

- Add SSL verification to webapi calls (LP: #882062).

Revision history for this message

dobey (dobey) on 2012-06-13:

review: Approve

Revision history for this message

Roberto Alsina (ralsina) wrote on 2012-06-13:

+1 on code review

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Alejandro J. Cura

Ubuntu One hackers

 === modified file 'tests/syncdaemon/test_action_queue.py'
 --- tests/syncdaemon/test_action_queue.py	2012-05-16 22:01:56 +0000
 +++ tests/syncdaemon/test_action_queue.py	2012-06-13 20:39:18 +0000
@@ -329,6 +329,8 @@
  class BasicTests(BasicTestCase):
      """Basic tests to check ActionQueue."""
++    fake_host = "fake_host"
++    fake_iri = u"http://%s/" % fake_host
      def test_implements_interface(self):
          """Verify ActionQueue and FakeActionQueue interface."""
@@ -433,19 +435,54 @@
                  self.assertEqual(set(defined_args[1:]), set(evtargs))
      @defer.inlineCallbacks
++    def test_get_webclient_called_with_iri(self):
++        """The call to get_webclient includes the iri."""
++        called_args = []
++        real_get_webclient = action_queue.ActionQueue.get_webclient
++
++        def fake_get_webclient(aq, *args):
++            """A fake get_webclient."""
++            called_args.append(args)
++            return real_get_webclient(aq, *args)
++
++        self.patch(action_queue.ActionQueue, "get_webclient",
++                   fake_get_webclient)
++        self.patch(action_queue.txweb.WebClient, "request",
++                   lambda *args, **kwargs: defer.succeed(None))
++
++        yield self.action_queue.webcall(self.fake_iri)
++        self.assertEqual(called_args, [(self.fake_iri,)])
++
++    @defer.inlineCallbacks
      def test_get_webclient(self):
--        """The webclient is created if it does not exist."""
--        self.assertEqual(self.action_queue.webclient, None)
--        webclient = yield self.action_queue.get_webclient()
--        self.assertNotEqual(webclient, None)
--
--    @defer.inlineCallbacks
--    def test_get_webclient_existing(self):
--        """The webclient is not created again if it exists."""
--        fake_wc = object()
--        self.patch(self.action_queue, "webclient", fake_wc)
--        webclient = yield self.action_queue.get_webclient()
--        self.assertEqual(webclient, fake_wc)
++        """The webclient is created every time."""
++        webclient1 = yield self.action_queue.get_webclient(self.fake_iri)
++        webclient2 = yield self.action_queue.get_webclient(self.fake_iri)
++        self.assertNotEqual(webclient1, webclient2)
++
++    @defer.inlineCallbacks
++    def test_get_webclient_creates_context_with_host(self):
++        """The ssl context is created with the right host."""
++        used_host = []
++
++        def fake_get_ssl_context(disable_ssl_verify, host):
++            """The host is used to call get_ssl_context."""
++            used_host.append(host)
++
++        self.patch(action_queue, "get_ssl_context", fake_get_ssl_context)
++        yield self.action_queue.get_webclient(self.fake_iri)
++        self.assertEqual(used_host, [self.fake_host])
++
++    @defer.inlineCallbacks
++    def test_get_webclient_uses_just_created_context(self):
++        """The freshly created context is used to create the webclient."""
++        calls = []
++        fake_context = object()
++        self.patch(action_queue, "get_ssl_context", lambda *args: fake_context)
++        self.patch(action_queue.txweb.WebClient, "__init__",
++                   lambda *args, **kwargs: calls.append(kwargs))
++        yield self.action_queue.get_webclient(self.fake_iri)
++        self.assertEqual(calls[1]["context_factory"], fake_context)
  class TestLoggingStorageClient(TwistedTestCase):
@@ -1395,6 +1432,24 @@
                          "connectSSL is called on the client.")
++class ContextRequestedWithHost(FactoryBaseTestCase):
++    """Test that the context is requested passing the host."""
++
++    tunnel_runner_class = SavingConnectionTunnelRunner
++
++    @defer.inlineCallbacks
++    def test_context_request_passes_host(self):
++        """The context is requested passing the host."""
++        fake_host = "fake_host"
++
++        def fake_get_ssl_context(disable_ssl_verify, host):
++            """The host is used to call get_ssl_context."""
++            self.assertEqual(host, fake_host)
++
++        self.patch(action_queue, "get_ssl_context", fake_get_ssl_context)
++        yield self.action_queue._make_connection((fake_host, 1234))
++
++
  class ConnectedBaseTestCase(FactoryBaseTestCase):
      """Base test case generating a connected factory."""
 === modified file 'ubuntuone/syncdaemon/action_queue.py'
 --- ubuntuone/syncdaemon/action_queue.py	2012-06-06 20:55:28 +0000
 +++ ubuntuone/syncdaemon/action_queue.py	2012-06-13 20:39:18 +0000
@@ -43,7 +43,7 @@
  from collections import deque, defaultdict
  from functools import partial
  from urllib import urlencode
--from urlparse import urljoin
++from urlparse import urljoin, urlparse
  import OpenSSL.SSL
@@ -697,7 +697,6 @@
          self.token = None
          self.consumer = None
          self.credentials = None
--        self.webclient = None
          self.client = None  # an instance of self.protocol
@@ -836,20 +835,22 @@
      @defer.inlineCallbacks
      def webcall(self, iri, **kwargs):
          """Perform a web call to the api servers."""
--        webclient = yield self.get_webclient()
++        webclient = yield self.get_webclient(iri)
          response = yield webclient.request(iri,
                               oauth_credentials=self.credentials, **kwargs)
          defer.returnValue(response)
      @defer.inlineCallbacks
--    def get_webclient(self):
++    def get_webclient(self, iri):
          """Get the webclient, creating it if needed."""
--        if self.webclient is None:
--            client = yield self.tunnel_runner.get_client()
--            self.webclient = txweb.WebClient(connector=client,
--                                             appname="Ubuntu One",
--                                             oauth_sign_plain=True)
--        defer.returnValue(self.webclient)
++        uri = txweb.WebClient().iri_to_uri(iri)
++        host = urlparse(uri).netloc.split(":")[0]
++        ssl_context = get_ssl_context(self.disable_ssl_verify, host)
++        connector = yield self.tunnel_runner.get_client()
++        webclient = txweb.WebClient(connector=connector, appname="Ubuntu One",
++                                    oauth_sign_plain=True,
++                                    context_factory=ssl_context)
++        defer.returnValue(webclient)
      @defer.inlineCallbacks
      def _make_connection(self, result):

Ubuntu One Client

Merge lp:~alecu/ubuntuone-client/txweb-ssl-3-0 into lp:ubuntuone-client/stable-3-0

Commit message

Description of the change

Preview Diff

Subscribers