From 040a1e77438b2ca3d7e9ba925ed41eddc701e883 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Freitag?= Date: Mon, 9 Nov 2020 22:26:02 +0100 Subject: [PATCH] linkcheck: test invalid SSL is reported as broken `linkcheck` logic suggests that SSL errors were originally expected to be ignored. Blaming the corresponding lines point to issue #3008: linkcheck to website with self-signed certificates. That issue was fixed by commit 4c7bec6460ae6154705bfd023e363e458f16d1b6, which ignored SSL errors. Probably because back then, users could not specify a CA bundle. A broken SSL certificate is a real issue, it should not be ignored. Users wishing to ignore issues for a specific link can use the `linkcheck_ignore` option. The current behavior is to report the site as broken, keep it. --- .../test-linkcheck-localserver-https/conf.py | 1 + .../index.rst | 1 + tests/test_build_linkcheck.py | 20 +++++++++++++++++++ 3 files changed, 22 insertions(+) create mode 100644 tests/roots/test-linkcheck-localserver-https/conf.py create mode 100644 tests/roots/test-linkcheck-localserver-https/index.rst diff --git a/tests/roots/test-linkcheck-localserver-https/conf.py b/tests/roots/test-linkcheck-localserver-https/conf.py new file mode 100644 index 000000000..a45d22e28 --- /dev/null +++ b/tests/roots/test-linkcheck-localserver-https/conf.py @@ -0,0 +1 @@ +exclude_patterns = ['_build'] diff --git a/tests/roots/test-linkcheck-localserver-https/index.rst b/tests/roots/test-linkcheck-localserver-https/index.rst new file mode 100644 index 000000000..fea598359 --- /dev/null +++ b/tests/roots/test-linkcheck-localserver-https/index.rst @@ -0,0 +1 @@ +`HTTPS server `_ diff --git a/tests/test_build_linkcheck.py b/tests/test_build_linkcheck.py index 683540baa..d7c254f4d 100644 --- a/tests/test_build_linkcheck.py +++ b/tests/test_build_linkcheck.py @@ -269,3 +269,23 @@ def test_follows_redirects_on_GET(app, capsys): 127.0.0.1 - - [] "GET /?redirected=1 HTTP/1.1" 204 - """ ) + +@pytest.mark.sphinx('linkcheck', testroot='linkcheck-localserver-https', freshenv=True) +def test_invalid_ssl(app, status, warning): + # Link indicates SSL should be used (https) but the server does not handle it. + class OKHandler(http.server.BaseHTTPRequestHandler): + def do_GET(self): + self.send_response(200, "OK") + self.end_headers() + self.wfile.write(b"ok\n") + + with http_server(OKHandler): + app.builder.build_all() + + with open(app.outdir / 'output.json') as fp: + content = json.load(fp) + assert content["status"] == "broken" + assert content["filename"] == "index.rst" + assert content["lineno"] == 1 + assert content["uri"] == "https://localhost:7777/" + assert "SSLError" in content["info"]