From 5197e586541726ccddbfff3d653d4c64e295e25e Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Fri, 15 Dec 2017 13:06:26 +0100 Subject: [PATCH] Add reproducer for NSS callback issue The new test case simply creates 10 connections and calls start_tls_s() after OPT_X_TLS_NEWCTX. https://github.com/python-ldap/python-ldap/pull/134 See: https://github.com/python-ldap/python-ldap/issues/60 Signed-off-by: Christian Heimes --- Tests/t_ldapobject.py | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/Tests/t_ldapobject.py b/Tests/t_ldapobject.py index e417fc1..62591d7 100644 --- a/Tests/t_ldapobject.py +++ b/Tests/t_ldapobject.py @@ -23,7 +23,7 @@ import warnings import pickle import warnings -from slapdtest import SlapdTestCase, requires_sasl +from slapdtest import SlapdTestCase, requires_sasl, requires_tls # Switch off processing .ldaprc or ldap.conf before importing _ldap os.environ['LDAPNOINIT'] = '1' @@ -418,6 +418,20 @@ def test_byteswarning_initialize(self): self._check_byteswarning( w[0], u"Under Python 2, python-ldap uses bytes by default.") + @requires_tls() + def test_multiple_starttls(self): + # Test for openldap does not re-register nss shutdown callbacks + # after nss_Shutdown is called + # https://github.com/python-ldap/python-ldap/issues/60 + # https://bugzilla.redhat.com/show_bug.cgi?id=1520990 + for _ in range(10): + l = self.ldap_object_class(self.server.ldap_uri) + l.set_option(ldap.OPT_X_TLS_CACERTFILE, self.server.cafile) + l.set_option(ldap.OPT_X_TLS_NEWCTX, 0) + l.start_tls_s() + l.simple_bind_s(self.server.root_dn, self.server.root_pw) + self.assertEqual(l.whoami_s(), 'dn:' + self.server.root_dn) + class Test01_ReconnectLDAPObject(Test00_SimpleLDAPObject): """