Skip to content
Permalink
Browse files

Fix PKI OWS tests: use TLS 1.2

  • Loading branch information
elpaso authored and nyalldawson committed Feb 8, 2021
1 parent 477d037 commit acf6d623025871bfb2d9c4005494fa36bb68718b
Showing with 8 additions and 10 deletions.
  1. +2 −2 tests/src/python/qgis_wrapped_server.py
  2. +6 −8 tests/src/python/test_authmanager_pki_ows.py
@@ -460,7 +460,7 @@ class ThreadedHTTPServer(ThreadingMixIn, HTTPServer):
keyfile=QGIS_SERVER_OAUTH2_KEY,
server_side=True,
# cert_reqs=ssl.CERT_REQUIRED, # No certs for OAuth2
ssl_version=ssl.PROTOCOL_TLSv1)
ssl_version=ssl.PROTOCOL_TLSv1_2)
else:
server.socket = ssl.wrap_socket(
server.socket,
@@ -469,7 +469,7 @@ class ThreadedHTTPServer(ThreadingMixIn, HTTPServer):
ca_certs=QGIS_SERVER_PKI_AUTHORITY,
cert_reqs=ssl.CERT_REQUIRED,
server_side=True,
ssl_version=ssl.PROTOCOL_TLSv1)
ssl_version=ssl.PROTOCOL_TLSv1_2)

print('Starting server on %s://%s:%s, use <Ctrl-C> to stop' %
('https' if HTTPS_ENABLED else 'http', QGIS_SERVER_HOST, server.server_port), flush=True)
@@ -64,9 +64,9 @@ def setUpAuth(cls):
"""Run before all tests and set up authentication"""
authm = QgsApplication.authManager()
assert (authm.setMasterPassword('masterpassword', True))
cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'chains_subissuer-issuer-root_issuer2-root2.pem')
cls.sslcert = os.path.join(cls.certsdata_path, 'gerardus_cert.pem')
cls.sslkey = os.path.join(cls.certsdata_path, 'gerardus_key.pem')
cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'qgis_ca.crt')
cls.sslcert = os.path.join(cls.certsdata_path, 'Gerardus.crt')
cls.sslkey = os.path.join(cls.certsdata_path, 'Gerardus.key')
assert os.path.isfile(cls.sslcert)
assert os.path.isfile(cls.sslkey)
assert os.path.isfile(cls.sslrootcert_path)
@@ -86,10 +86,8 @@ def setUpAuth(cls):
assert (authm.storeAuthenticationConfig(cls.auth_config)[0])
assert cls.auth_config.isValid()

# cls.server_cert = os.path.join(cls.certsdata_path, 'localhost_ssl_cert.pem')
cls.server_cert = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_cert.pem')
# cls.server_key = os.path.join(cls.certsdata_path, 'localhost_ssl_key.pem')
cls.server_key = os.path.join(cls.certsdata_path, '127_0_0_1_ssl_key.pem')
cls.server_cert = os.path.join(cls.certsdata_path, '127_0_0_1.crt')
cls.server_key = os.path.join(cls.certsdata_path, '127_0_0_1.key')
cls.server_rootcert = cls.sslrootcert_path
os.chmod(cls.server_cert, stat.S_IRUSR)
os.chmod(cls.server_key, stat.S_IRUSR)
@@ -115,7 +113,7 @@ def setUpClass(cls):
except KeyError:
pass
cls.testdata_path = unitTestDataPath('qgis_server')
cls.certsdata_path = os.path.join(unitTestDataPath('auth_system'), 'certs_keys')
cls.certsdata_path = os.path.join(unitTestDataPath('auth_system'), 'certs_keys_2048')
cls.project_path = os.path.join(cls.testdata_path, "test_project.qgs")
# cls.hostname = 'localhost'
cls.protocol = 'https'

0 comments on commit acf6d62

Please sign in to comment.