Skip to content
Snippets Groups Projects
Commit e893af6c authored by Drew DeVault's avatar Drew DeVault Committed by Leo
Browse files

community/py3-redis: upgrade to 4.1.0

I'm starting to get tired of fighting upstream on the nonfree
integrations.
parent 2441a80c
No related branches found
No related tags found
1 merge request!28969community/py3-redis: upgrade to 4.1.0
Pipeline #104600 passed
From 9bf9f40f41141942be166966ec434720da5b85bd Mon Sep 17 00:00:00 2001
From: Drew DeVault <sir@cmpwn.com>
Date: Wed, 29 Dec 2021 10:16:53 +0100
Subject: [PATCH 2/2] Drop tests/test_ssl.py
This test expects to be run in the upstream project's CI enviornment.
Ref https://github.com/redis/redis-py/issues/1838
---
tests/test_ssl.py | 161 ----------------------------------------------
1 file changed, 161 deletions(-)
delete mode 100644 tests/test_ssl.py
diff --git a/tests/test_ssl.py b/tests/test_ssl.py
deleted file mode 100644
index a2f66b2..0000000
--- a/tests/test_ssl.py
+++ /dev/null
@@ -1,161 +0,0 @@
-import os
-import socket
-import ssl
-from urllib.parse import urlparse
-
-import pytest
-
-import redis
-from redis.exceptions import ConnectionError, RedisError
-
-from .conftest import skip_if_cryptography, skip_if_nocryptography
-
-
-@pytest.mark.ssl
-class TestSSL:
- """Tests for SSL connections
-
- This relies on the --redis-ssl-url purely for rebuilding the client
- and connecting to the appropriate port.
- """
-
- ROOT = os.path.join(os.path.dirname(__file__), "..")
- CERT_DIR = os.path.abspath(os.path.join(ROOT, "docker", "stunnel", "keys"))
- if not os.path.isdir(CERT_DIR): # github actions package validation case
- CERT_DIR = os.path.abspath(
- os.path.join(ROOT, "..", "docker", "stunnel", "keys")
- )
- if not os.path.isdir(CERT_DIR):
- raise IOError(f"No SSL certificates found. They should be in {CERT_DIR}")
-
- def test_ssl_with_invalid_cert(self, request):
- ssl_url = request.config.option.redis_ssl_url
- sslclient = redis.from_url(ssl_url)
- with pytest.raises(ConnectionError) as e:
- sslclient.ping()
- assert "SSL: CERTIFICATE_VERIFY_FAILED" in str(e)
-
- def test_ssl_connection(self, request):
- ssl_url = request.config.option.redis_ssl_url
- p = urlparse(ssl_url)[1].split(":")
- r = redis.Redis(host=p[0], port=p[1], ssl=True, ssl_cert_reqs="none")
- assert r.ping()
-
- def test_ssl_connection_without_ssl(self, request):
- ssl_url = request.config.option.redis_ssl_url
- p = urlparse(ssl_url)[1].split(":")
- r = redis.Redis(host=p[0], port=p[1], ssl=False)
-
- with pytest.raises(ConnectionError) as e:
- r.ping()
- assert "Connection closed by server" in str(e)
-
- def test_validating_self_signed_certificate(self, request):
- ssl_url = request.config.option.redis_ssl_url
- p = urlparse(ssl_url)[1].split(":")
- r = redis.Redis(
- host=p[0],
- port=p[1],
- ssl=True,
- ssl_certfile=os.path.join(self.CERT_DIR, "server-cert.pem"),
- ssl_keyfile=os.path.join(self.CERT_DIR, "server-key.pem"),
- ssl_cert_reqs="required",
- ssl_ca_certs=os.path.join(self.CERT_DIR, "server-cert.pem"),
- )
- assert r.ping()
-
- def _create_oscp_conn(self, request):
- ssl_url = request.config.option.redis_ssl_url
- p = urlparse(ssl_url)[1].split(":")
- r = redis.Redis(
- host=p[0],
- port=p[1],
- ssl=True,
- ssl_certfile=os.path.join(self.CERT_DIR, "server-cert.pem"),
- ssl_keyfile=os.path.join(self.CERT_DIR, "server-key.pem"),
- ssl_cert_reqs="required",
- ssl_ca_certs=os.path.join(self.CERT_DIR, "server-cert.pem"),
- ssl_validate_ocsp=True,
- )
- return r
-
- @skip_if_cryptography()
- def test_ssl_ocsp_called(self, request):
- r = self._create_oscp_conn(request)
- with pytest.raises(RedisError) as e:
- assert r.ping()
- assert "cryptography not installed" in str(e)
-
- @skip_if_nocryptography()
- def test_ssl_ocsp_called_withcrypto(self, request):
- r = self._create_oscp_conn(request)
- with pytest.raises(ConnectionError) as e:
- assert r.ping()
- assert "No AIA information present in ssl certificate" in str(e)
-
- # rediss://, url based
- ssl_url = request.config.option.redis_ssl_url
- sslclient = redis.from_url(ssl_url)
- with pytest.raises(ConnectionError) as e:
- sslclient.ping()
- assert "No AIA information present in ssl certificate" in str(e)
-
- @skip_if_nocryptography()
- def test_valid_ocsp_cert_http(self):
- from redis.ocsp import OCSPVerifier
-
- hostnames = ["github.com", "aws.amazon.com", "ynet.co.il", "microsoft.com"]
- for hostname in hostnames:
- context = ssl.create_default_context()
- with socket.create_connection((hostname, 443)) as sock:
- with context.wrap_socket(sock, server_hostname=hostname) as wrapped:
- ocsp = OCSPVerifier(wrapped, hostname, 443)
- assert ocsp.is_valid()
-
- @skip_if_nocryptography()
- def test_revoked_ocsp_certificate(self):
- from redis.ocsp import OCSPVerifier
-
- context = ssl.create_default_context()
- hostname = "revoked.badssl.com"
- with socket.create_connection((hostname, 443)) as sock:
- with context.wrap_socket(sock, server_hostname=hostname) as wrapped:
- ocsp = OCSPVerifier(wrapped, hostname, 443)
- assert ocsp.is_valid() is False
-
- @skip_if_nocryptography()
- def test_unauthorized_ocsp(self):
- from redis.ocsp import OCSPVerifier
-
- context = ssl.create_default_context()
- hostname = "stackoverflow.com"
- with socket.create_connection((hostname, 443)) as sock:
- with context.wrap_socket(sock, server_hostname=hostname) as wrapped:
- ocsp = OCSPVerifier(wrapped, hostname, 443)
- with pytest.raises(ConnectionError):
- ocsp.is_valid()
-
- @skip_if_nocryptography()
- def test_ocsp_not_present_in_response(self):
- from redis.ocsp import OCSPVerifier
-
- context = ssl.create_default_context()
- hostname = "google.co.il"
- with socket.create_connection((hostname, 443)) as sock:
- with context.wrap_socket(sock, server_hostname=hostname) as wrapped:
- ocsp = OCSPVerifier(wrapped, hostname, 443)
- assert ocsp.is_valid() is False
-
- @skip_if_nocryptography()
- def test_unauthorized_then_direct(self):
- from redis.ocsp import OCSPVerifier
-
- # these certificates on the socket end return unauthorized
- # then the second call succeeds
- hostnames = ["wikipedia.org", "squarespace.com"]
- for hostname in hostnames:
- context = ssl.create_default_context()
- with socket.create_connection((hostname, 443)) as sock:
- with context.wrap_socket(sock, server_hostname=hostname) as wrapped:
- ocsp = OCSPVerifier(wrapped, hostname, 443)
- assert ocsp.is_valid()
--
2.34.1
# Maintainer: Eivind Uggedal <eu@eju.no>
pkgname=py3-redis
_pkgname=redis
pkgver=4.0.2
pkgrel=1
pkgver=4.1.0
pkgrel=0
pkgdesc="Python3 client for Redis key-value store"
url="https://github.com/andymccurdy/redis-py"
arch="noarch"
......@@ -13,6 +13,7 @@ checkdepends="py3-pytest py3-mock redis"
source="
https://files.pythonhosted.org/packages/source/${_pkgname:0:1}/$_pkgname/$_pkgname-$pkgver.tar.gz
0001-all-remove-support-for-nonfree-Redis-modules.patch
0002-Drop-tests-test_ssl.py.patch
"
builddir="$srcdir"/$_pkgname-$pkgver
......@@ -34,6 +35,7 @@ package() {
}
sha512sums="
3f73ddd2ceb551fa447cfb4ecdc1d393957bbfd8c184ae3d357f9f47fff860f1c4684ec0fc3cb85fea530454456c17a98a2a56e592bef4cd9ad17bb405c1a0f7 redis-4.0.2.tar.gz
f2f890e147bd76311b6aa9d0bbdab64f44c46a52e450c7c6ca2c9eddcf30e0a6ed8e962950dc98d0160a45eb68580399707ff6a12a17c56a768382814deab626 0001-all-remove-support-for-nonfree-Redis-modules.patch
85cd09570f4faf34a735befd0677aa8ca2cb0d62b0285c4c040380c2440f2774e47762ec4219381294465343353a15804b96f06b4d6eefa7159a224eb9e72001 redis-4.1.0.tar.gz
b1dd96aeb6129f121108fac3c1ad033b1b657287fb0f959bc7fcab997b26c4b91cc7c0df6f86d6d2ac283951956a4a38826647f0e744514ce5031cf3917d1746 0001-all-remove-support-for-nonfree-Redis-modules.patch
5184efc472ad16020240e57222f906656b1f6db5139d37de22b34298c7a15c9b91f5c2d976f6c8455071459d2ff273f75f6bf76f3f46990bacec6673a83a2872 0002-Drop-tests-test_ssl.py.patch
"
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment