TLS support is optional, especially for older Twisteds

meejah · Aug 31, 2016 · c30f56d · c30f56d
1 parent bd83538
commit c30f56d
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 3 deletions.
diff --git a/test/test_endpoints.py b/test/test_endpoints.py
@@ -4,6 +4,7 @@
 
 from mock import patch
 from mock import Mock, MagicMock
+from unittest import skipIf
 
 from zope.interface import implements
 
@@ -35,6 +36,7 @@
 from txtorcon import TorOnionAddress
 from txtorcon.util import NoOpProtocolFactory
 from txtorcon.endpoints import get_global_tor                       # FIXME
+from txtorcon.endpoints import _HAVE_TLS
 
 import util
 
@@ -739,6 +741,7 @@ def connect(self, *args, **kw):
         p2 = yield endpoint.connect(None)
         self.assertTrue(proto is p2)
 
+    @skipIf(not _HAVE_TLS, "no tls")
     @patch('txtorcon.endpoints.SOCKS5ClientEndpoint')
     @defer.inlineCallbacks
     def test_tls_socks_no_endpoint(self, ep_mock):
@@ -761,6 +764,7 @@ def connect(self, *args, **kw):
         p2 = yield endpoint.connect(None)
         self.assertTrue(wrap.wrappedProtocol is p2)
 
+    @skipIf(not _HAVE_TLS, "no tls")
     @patch('txtorcon.endpoints.SOCKS5ClientEndpoint')
     @defer.inlineCallbacks
     def test_tls_socks_with_endpoint(self, ep_mock):

diff --git a/txtorcon/endpoints.py b/txtorcon/endpoints.py
@@ -17,12 +17,19 @@
 # class (and the parse() doesn't provide a 'reactor' argument).
 try:
     from twisted.internet.interfaces import IStreamClientEndpointStringParserWithReactor
-    from twisted.internet.ssl import optionsForClientTLS
     _HAVE_TX_14 = True
 except ImportError:
     from twisted.internet.interfaces import IStreamClientEndpointStringParser as IStreamClientEndpointStringParserWithReactor
     _HAVE_TX_14 = False
 
+try:
+    from twisted.internet.ssl import optionsForClientTLS
+    from txsocksx.tls import TLSWrapClientEndpoint
+    _HAVE_TLS = True
+except ImportError:
+    _HAVE_TLS = False
+
+
 from twisted.internet import defer, reactor
 from twisted.python import log
 from twisted.internet.interfaces import IStreamServerEndpointStringParser
@@ -667,6 +674,11 @@ def __init__(self, host, port,
         self.socks_password = socks_password
         self.tls = tls
 
+        if self.tls and not _HAVE_TLS:
+            raise ValueError(
+                "'tls=True' but we don't have TLS support"
+            )
+
         # backwards-compatibility: you used to specify a TCP SOCKS
         # endpoint via socks_host= and socks_port= kwargs
         if self.socks_endpoint is None:
@@ -698,7 +710,6 @@ def connect(self, protocolfactory):
             args = (self.host, self.port, self.socks_endpoint)
             socks_ep = SOCKS5ClientEndpoint(*args, **kwargs)
             if self.tls:
-                from txsocksx.tls import TLSWrapClientEndpoint
                 context = optionsForClientTLS(unicode(self.host))
                 socks_ep = TLSWrapClientEndpoint(context, socks_ep)
             proto = yield socks_ep.connect(protocolfactory)
@@ -713,7 +724,6 @@ def connect(self, protocolfactory):
                 args = (self.host, self.port, tor_ep)
                 socks_ep = SOCKS5ClientEndpoint(*args, **kwargs)
                 if self.tls:
-                    from txsocksx.tls import TLSWrapClientEndpoint
                     # XXX only twisted 14+
                     context = optionsForClientTLS(unicode(self.host))
                     socks_ep = TLSWrapClientEndpoint(context, socks_ep)