[tor-commits] [ooni-probe/master] Fix bug where conflicting SSL context choices was not explained to the user.

art at torproject.org art at torproject.org
Tue Apr 30 13:01:44 UTC 2013


commit c89288d28281e17dee02400ab03d4e5b1f32864f
Author: Isis Lovecruft <isis at torproject.org>
Date:   Mon Apr 22 00:35:17 2013 +0000

    Fix bug where conflicting SSL context choices was not explained to the user.
---
 nettests/experimental/tls_handshake.py |   22 ++++++++++++++++------
 1 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/nettests/experimental/tls_handshake.py b/nettests/experimental/tls_handshake.py
index 1ac3661..89a9bd9 100644
--- a/nettests/experimental/tls_handshake.py
+++ b/nettests/experimental/tls_handshake.py
@@ -152,13 +152,23 @@ class HandshakeTest(nettest.NetTestCase):
             if options['host']:
                 self.host = options['host']
 
+            ## If no context was chosen, explain our default to the user:
+            if not (options['ssl2'] or options['ssl3'] or options['tls1']):
+                try: raise SSLContextError('NO_CONTEXT')
+                except SSLContextError as sce: log.err(sce.message)
             else:
-                try:
-                    raise NoSSLContextError(
-                        "No SSL/TLS context chosen! Defaulting to TLSv1...")
-                except NoSSLContextError, ncse:
-                    log.err(ncse.message)
-                    self.context = SSL.Context(SSL.TLSv1_METHOD)
+                ## If incompatible contexts were chosen, inform the user:
+                if options['tls1'] and (options['ssl2'] or options['ssl3']):
+                    try: raise SSLContextError('INCOMPATIBLE')
+                    except SSLContextError as sce: log.err(sce.message)
+                    finally: log.msg('Defaulting to testing only TLSv1.')
+                elif options['ssl2']:
+                    if not options['ssl3']:
+                        self.context = SSL.Context(SSL.SSLv2_METHOD)
+                    else:
+                        self.context = SSL.Context(SSL.SSLv23_METHOD)
+                elif options['ssl3']:
+                    self.context = SSL.Context(SSL.SSLv3_METHOD)
 
             if not options['ciphersuite']:
                 self.ciphers = firefox_ciphers





More information about the tor-commits mailing list