chore: bump to the latest twisted per CVE-2019-12387

and adapt tests to it

Closes #1336

autopush/tests/test_fcmclient.py

@@ -96,8 +96,8 @@ def test_fail_401(self):
     def test_fail_500(self):
         self._m_response.code = 500
         content = "OMG"
-        self._m_response.headers.addRawHeader('Retry-After', 123)
+        self._m_response.headers.addRawHeader('Retry-After', "123")
         self._m_resp_text.callback(content)
         self._m_request.callback(self._m_response)
         result = yield self.fcm.send("token", self.m_payload)
-        assert result.retry_after == 123
+        assert result.retry_after == "123"

autopush/tests/test_gcmclient.py

@@ -193,9 +193,9 @@ def test_fail_401(self):
     def test_fail_500(self):
         self._m_response.code = 500
         content = "OMG"
-        self._m_response.headers.addRawHeader('Retry-After', 123)
+        self._m_response.headers.addRawHeader('Retry-After', "123")
         self._m_resp_text.callback(content)
         self._m_request.callback(self._m_response)
         result = yield self.gcm.send(self.m_payload)
         assert 'some_reg_id' in result.retry_message.registration_ids
-        assert result.retry_after == 123
+        assert result.retry_after == "123"

autopush/tests/test_integration.py

@@ -3,6 +3,7 @@
 import logging
 import os
 import random
+import socket
 import sys
 import time
 import urlparse
@@ -2438,16 +2439,24 @@ def endpoint_kwargs(self):
     def test_proxy_protocol(self):
         port = self.ep.conf.proxy_protocol_port
         ip = '198.51.100.22'
-        proto_line = 'PROXY TCP4 {} 203.0.113.7 35646 80\r\n'.format(ip)
-        # the proxy proto. line comes before the request: we can sneak
-        # it in before the verb
-        response, body = yield _agent(
-            '{}GET'.format(proto_line),
-            "http://localhost:{}/v1/err".format(port),
-        )
-        assert response.code == 418
-        payload = json.loads(body)
-        assert payload['error'] == "Test Error"
+        req = """\
+PROXY TCP4 {} 203.0.113.7 35646 80\r
+GET /v1/err HTTP/1.1\r
+Host: 127.0.0.1\r
+\r\n""".format(ip)
+
+        def proxy_request():
+            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+            sock.connect(("localhost", port))
+            try:
+                sock.sendall(req)
+                return sock.recv(4096)
+            finally:
+                sock.close()
+
+        response = yield deferToThread(proxy_request)
+        assert response.startswith("HTTP/1.1 418 ")
+        assert "Test Error" in response
         assert self.logs.logged_ci(lambda ci: ci.get('remote_ip') == ip)
 
     @inlineCallbacks

requirements.txt

@@ -67,12 +67,15 @@ rsa==4.0                  # via google-auth, oauth2client, python-jose
 s3transfer==0.1.13        # via boto3
 service-identity==18.1.0
 simplejson==3.16.0
-six==1.12.0               # via autobahn, automat, cryptography, firebase-admin, google-api-core, google-auth, google-resumable-media, grpcio, marshmallow-polyfield, oauth2client, protobuf, pyhamcrest, pyopenssl, python-dateutil, python-jose, treq, txaio
+six==1.12.0               # via autobahn, automat, cryptography, firebase-admin, google-api-core, google-auth, google-resumable-media, grpcio, oauth2client, protobuf, pyhamcrest, pyopenssl, python-dateutil, python-jose, treq, txaio
 treq==18.6.0
-twisted[tls]==18.9.0
+twisted[tls]==19.2.1
 txaio==18.8.1             # via autobahn
 typing==3.6.6
 ua-parser==0.8.0
 urllib3==1.24.2           # via botocore, requests
 wsaccel==0.6.2 ; platform_python_implementation == "CPython"
 zope.interface==4.6.0
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools==41.0.1        # via google-api-core, protobuf, pyhamcrest, zope.interface