Skip to content
This repository has been archived by the owner on Jul 13, 2023. It is now read-only.

Commit

Permalink
Merge pull request #1337 from mozilla-services/chore/1336
Browse files Browse the repository at this point in the history
chore: bump to the latest twisted per CVE-2019-12387
  • Loading branch information
pjenvey authored Jun 25, 2019
2 parents 5d7fff7 + 2a8c643 commit 3f9c5d0
Show file tree
Hide file tree
Showing 4 changed files with 28 additions and 16 deletions.
4 changes: 2 additions & 2 deletions autopush/tests/test_fcmclient.py
Original file line number Diff line number Diff line change
Expand Up @@ -96,8 +96,8 @@ def test_fail_401(self):
def test_fail_500(self):
self._m_response.code = 500
content = "OMG"
self._m_response.headers.addRawHeader('Retry-After', 123)
self._m_response.headers.addRawHeader('Retry-After', "123")
self._m_resp_text.callback(content)
self._m_request.callback(self._m_response)
result = yield self.fcm.send("token", self.m_payload)
assert result.retry_after == 123
assert result.retry_after == "123"
4 changes: 2 additions & 2 deletions autopush/tests/test_gcmclient.py
Original file line number Diff line number Diff line change
Expand Up @@ -193,9 +193,9 @@ def test_fail_401(self):
def test_fail_500(self):
self._m_response.code = 500
content = "OMG"
self._m_response.headers.addRawHeader('Retry-After', 123)
self._m_response.headers.addRawHeader('Retry-After', "123")
self._m_resp_text.callback(content)
self._m_request.callback(self._m_response)
result = yield self.gcm.send(self.m_payload)
assert 'some_reg_id' in result.retry_message.registration_ids
assert result.retry_after == 123
assert result.retry_after == "123"
29 changes: 19 additions & 10 deletions autopush/tests/test_integration.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import logging
import os
import random
import socket
import sys
import time
import urlparse
Expand Down Expand Up @@ -2438,16 +2439,24 @@ def endpoint_kwargs(self):
def test_proxy_protocol(self):
port = self.ep.conf.proxy_protocol_port
ip = '198.51.100.22'
proto_line = 'PROXY TCP4 {} 203.0.113.7 35646 80\r\n'.format(ip)
# the proxy proto. line comes before the request: we can sneak
# it in before the verb
response, body = yield _agent(
'{}GET'.format(proto_line),
"http://localhost:{}/v1/err".format(port),
)
assert response.code == 418
payload = json.loads(body)
assert payload['error'] == "Test Error"
req = """\
PROXY TCP4 {} 203.0.113.7 35646 80\r
GET /v1/err HTTP/1.1\r
Host: 127.0.0.1\r
\r\n""".format(ip)

def proxy_request():
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect(("localhost", port))
try:
sock.sendall(req)
return sock.recv(4096)
finally:
sock.close()

response = yield deferToThread(proxy_request)
assert response.startswith("HTTP/1.1 418 ")
assert "Test Error" in response
assert self.logs.logged_ci(lambda ci: ci.get('remote_ip') == ip)

@inlineCallbacks
Expand Down
7 changes: 5 additions & 2 deletions requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -67,12 +67,15 @@ rsa==4.0 # via google-auth, oauth2client, python-jose
s3transfer==0.1.13 # via boto3
service-identity==18.1.0
simplejson==3.16.0
six==1.12.0 # via autobahn, automat, cryptography, firebase-admin, google-api-core, google-auth, google-resumable-media, grpcio, marshmallow-polyfield, oauth2client, protobuf, pyhamcrest, pyopenssl, python-dateutil, python-jose, treq, txaio
six==1.12.0 # via autobahn, automat, cryptography, firebase-admin, google-api-core, google-auth, google-resumable-media, grpcio, oauth2client, protobuf, pyhamcrest, pyopenssl, python-dateutil, python-jose, treq, txaio
treq==18.6.0
twisted[tls]==18.9.0
twisted[tls]==19.2.1
txaio==18.8.1 # via autobahn
typing==3.6.6
ua-parser==0.8.0
urllib3==1.24.2 # via botocore, requests
wsaccel==0.6.2 ; platform_python_implementation == "CPython"
zope.interface==4.6.0

# The following packages are considered to be unsafe in a requirements file:
# setuptools==41.0.1 # via google-api-core, protobuf, pyhamcrest, zope.interface

0 comments on commit 3f9c5d0

Please sign in to comment.