def listen_ssl_socket(address=('127.0.0.1', 0)):
sock = util.wrap_ssl(socket.socket(), certificate_file,
private_key_file, True)
sock.bind(address)
sock.listen(50)
return sock
def test_connect_ssl(self):
def accept_once(listenfd):
try:
conn, addr = listenfd.accept()
conn.write(b'hello\r\n')
greenio.shutdown_safe(conn)
conn.close()
finally:
greenio.shutdown_safe(listenfd)
listenfd.close()
server = api.ssl_listener(('0.0.0.0', 0),
self.certificate_file,
self.private_key_file)
api.spawn(accept_once, server)
raw_client = eventlet.connect(('127.0.0.1', server.getsockname()[1]))
client = util.wrap_ssl(raw_client)
fd = socket._fileobject(client, 'rb', 8192)
assert fd.readline() == b'hello\r\n'
try:
self.assertEqual(b'', fd.read(10))
except greenio.SSL.ZeroReturnError:
# if it's a GreenSSL object it'll do this
pass
greenio.shutdown_safe(client)
client.close()
check_hub()
def listen_ssl_socket(address=('127.0.0.1', 0)):
sock = util.wrap_ssl(socket.socket(), certfile,
keyfile, True)
sock.bind(address)
sock.listen(5000)
return sock
def listen_ssl_socket(address=('127.0.0.1', 0)):
sock = util.wrap_ssl(socket.socket(), certificate_file, private_key_file,
True)
sock.bind(address)
sock.listen(50)
return sock
def test_connect_ssl(self):
def accept_once(listenfd):
try:
conn, addr = listenfd.accept()
conn.write(b'hello\r\n')
greenio.shutdown_safe(conn)
conn.close()
finally:
greenio.shutdown_safe(listenfd)
listenfd.close()
server = api.ssl_listener(('0.0.0.0', 0), self.certificate_file,
self.private_key_file)
api.spawn(accept_once, server)
raw_client = eventlet.connect(('127.0.0.1', server.getsockname()[1]))
client = util.wrap_ssl(raw_client)
fd = socket._fileobject(client, 'rb', 8192)
assert fd.readline() == b'hello\r\n'
try:
self.assertEqual(b'', fd.read(10))
except greenio.SSL.ZeroReturnError:
# if it's a GreenSSL object it'll do this
pass
greenio.shutdown_safe(client)
client.close()
check_hub()
def serve():
sock, addr = listener.accept()
self.assertEquals(sock.recv(6), 'before')
sock_ssl = util.wrap_ssl(sock, certificate_file, private_key_file,
server_side=True)
sock_ssl.do_handshake()
self.assertEquals(sock_ssl.read(6), 'during')
sock2 = sock_ssl.unwrap()
self.assertEquals(sock2.recv(5), 'after')
sock2.close()
def serve():
sock, addr = listener.accept()
self.assertEquals(sock.recv(6), 'before')
sock_ssl = util.wrap_ssl(sock, certificate_file, private_key_file,
server_side=True)
sock_ssl.do_handshake()
self.assertEquals(sock_ssl.read(6), 'during')
sock2 = sock_ssl.unwrap()
self.assertEquals(sock2.recv(5), 'after')
sock2.close()
def test_duplex_response(self):
def serve(listener):
sock, addr = listener.accept()
stuff = sock.read(8192)
sock.write('response')
sock = listen_ssl_socket()
server_coro = eventlet.spawn(serve, sock)
client = util.wrap_ssl(eventlet.connect(('127.0.0.1', sock.getsockname()[1])))
client.write('line 1\r\nline 2\r\n\r\n')
self.assertEquals(client.read(8192), 'response')
server_coro.wait()
def test_duplex_response(self):
def serve(listener):
sock, addr = listener.accept()
stuff = sock.read(8192)
sock.write('response')
sock = listen_ssl_socket()
server_coro = eventlet.spawn(serve, sock)
client = util.wrap_ssl(eventlet.connect(('127.0.0.1', sock.getsockname()[1])))
client.write('line 1\r\nline 2\r\n\r\n')
self.assertEquals(client.read(8192), 'response')
server_coro.wait()
def test_ssl_connect(self):
def serve(listener):
sock, addr = listener.accept()
stuff = sock.read(8192)
sock = listen_ssl_socket()
server_coro = eventlet.spawn(serve, sock)
raw_client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl_client = util.wrap_ssl(raw_client)
ssl_client.connect(('127.0.0.1', sock.getsockname()[1]))
ssl_client.write('abc')
greenio.shutdown_safe(ssl_client)
ssl_client.close()
server_coro.wait()
def test_ssl_connect(self):
def serve(listener):
sock, addr = listener.accept()
stuff = sock.read(8192)
sock = listen_ssl_socket()
server_coro = eventlet.spawn(serve, sock)
raw_client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl_client = util.wrap_ssl(raw_client)
ssl_client.connect(('127.0.0.1', sock.getsockname()[1]))
ssl_client.write('abc')
greenio.shutdown_safe(ssl_client)
ssl_client.close()
server_coro.wait()
def ssl_listener(address, certificate, private_key):
"""Listen on the given (ip, port) *address* with a TCP socket that
can do SSL. Primarily useful for unit tests, don't use in production.
*certificate* and *private_key* should be the filenames of the appropriate
certificate and private key files to use with the SSL socket.
Returns a socket object on which one should call ``accept()`` to
accept a connection on the newly bound socket.
"""
from eventlet import util
import socket
socket = util.wrap_ssl(socket.socket(), certificate, private_key, True)
socket.bind(address)
socket.listen(50)
return socket
def ssl_listener(address, certificate, private_key):
"""Listen on the given (ip, port) *address* with a TCP socket that
can do SSL. Primarily useful for unit tests, don't use in production.
*certificate* and *private_key* should be the filenames of the appropriate
certificate and private key files to use with the SSL socket.
Returns a socket object on which one should call ``accept()`` to
accept a connection on the newly bound socket.
"""
from eventlet import util
import socket
socket = util.wrap_ssl(socket.socket(), certificate, private_key, True)
socket.bind(address)
socket.listen(50)
return socket
def test_ssl_close(self):
def serve(listener):
sock, addr = listener.accept()
stuff = sock.read(8192)
try:
self.assertEquals("", sock.read(8192))
except greenio.SSL.ZeroReturnError:
pass
sock = listen_ssl_socket()
server_coro = eventlet.spawn(serve, sock)
raw_client = eventlet.connect(('127.0.0.1', sock.getsockname()[1]))
client = util.wrap_ssl(raw_client)
client.write('X')
greenio.shutdown_safe(client)
client.close()
server_coro.wait()
def ssl_listener(address, certificate, private_key):
"""Listen on the given (ip, port) *address* with a TCP socket that
can do SSL.
*certificate* and *private_key* should be the filenames of the appropriate
certificate and private key files to use with the SSL socket.
Returns a socket object on which one should call ``accept()`` to
accept a connection on the newly bound socket.
Generally, the returned socket will be passed to ``tcp_server()``,
which accepts connections forever and spawns greenlets for
each incoming connection.
"""
from eventlet import util
socket = util.wrap_ssl(util.tcp_socket(), certificate, private_key)
util.socket_bind_and_listen(socket, address)
socket.is_secure = True
return socket
def test_ssl_close(self):
def serve(listener):
sock, addr = listener.accept()
stuff = sock.read(8192)
try:
self.assertEquals("", sock.read(8192))
except greenio.SSL.ZeroReturnError:
pass
sock = listen_ssl_socket()
server_coro = eventlet.spawn(serve, sock)
raw_client = eventlet.connect(('127.0.0.1', sock.getsockname()[1]))
client = util.wrap_ssl(raw_client)
client.write('X')
greenio.shutdown_safe(client)
client.close()
server_coro.wait()
def test_ssl_unwrap(self):
def serve():
sock, addr = listener.accept()
self.assertEquals(sock.recv(6), 'before')
sock_ssl = util.wrap_ssl(sock, certificate_file, private_key_file,
server_side=True)
sock_ssl.do_handshake()
self.assertEquals(sock_ssl.read(6), 'during')
sock2 = sock_ssl.unwrap()
self.assertEquals(sock2.recv(5), 'after')
sock2.close()
listener = eventlet.listen(('127.0.0.1', 0))
server_coro = eventlet.spawn(serve)
client = eventlet.connect((listener.getsockname()))
client.send('before')
client_ssl = util.wrap_ssl(client)
client_ssl.do_handshake()
client_ssl.write('during')
client2 = client_ssl.unwrap()
client2.send('after')
server_coro.wait()
def test_sendall_cpu_usage(self):
"""SSL socket.sendall() busy loop
https://bitbucket.org/eventlet/eventlet/issue/134/greenssl-performance-issues
Idea of this test is to check that GreenSSLSocket.sendall() does not busy loop
retrying .send() calls, but instead trampolines until socket is writeable.
BUFFER_SIZE and SENDALL_SIZE are magic numbers inferred through trial and error.
"""
# Time limit resistant to busy loops
self.set_alarm(1)
stage_1 = eventlet.event.Event()
BUFFER_SIZE = 1000
SENDALL_SIZE = 100000
def serve(listener):
conn, _ = listener.accept()
conn.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, BUFFER_SIZE)
self.assertEqual(conn.read(8), b'request')
conn.write(b'response')
stage_1.wait()
conn.sendall(b'x' * SENDALL_SIZE)
server_sock = listen_ssl_socket()
server_coro = eventlet.spawn(serve, server_sock)
client_sock = eventlet.connect(server_sock.getsockname())
client_sock.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF,
BUFFER_SIZE)
client = util.wrap_ssl(client_sock)
client.write(b'request')
self.assertEqual(client.read(8), b'response')
stage_1.send()
check_idle_cpu_usage(0.2, 0.1)
server_coro.kill()
def test_connect_ssl(self):
def accept_once(listenfd):
try:
conn, addr = listenfd.accept()
fl = conn.makeGreenFile('w')
fl.write('hello\r\n')
fl.close()
conn.close()
finally:
listenfd.close()
server = api.ssl_listener(('0.0.0.0', 0), self.certificate_file,
self.private_key_file)
api.spawn(accept_once, server)
client = util.wrap_ssl(
api.connect_tcp(('127.0.0.1', server.getsockname()[1])))
client = client.makeGreenFile()
assert client.readline() == 'hello\r\n'
assert client.read() == ''
client.close()
def test_ssl_unwrap(self):
def serve():
sock, addr = listener.accept()
self.assertEquals(sock.recv(6), 'before')
sock_ssl = util.wrap_ssl(sock, certificate_file, private_key_file,
server_side=True)
sock_ssl.do_handshake()
self.assertEquals(sock_ssl.read(6), 'during')
sock2 = sock_ssl.unwrap()
self.assertEquals(sock2.recv(5), 'after')
sock2.close()
listener = eventlet.listen(('127.0.0.1', 0))
server_coro = eventlet.spawn(serve)
client = eventlet.connect((listener.getsockname()))
client.send('before')
client_ssl = util.wrap_ssl(client)
client_ssl.do_handshake()
client_ssl.write('during')
client2 = client_ssl.unwrap()
client2.send('after')
server_coro.wait()
def test_sendall_cpu_usage(self):
"""SSL socket.sendall() busy loop
https://bitbucket.org/eventlet/eventlet/issue/134/greenssl-performance-issues
Idea of this test is to check that GreenSSLSocket.sendall() does not busy loop
retrying .send() calls, but instead trampolines until socket is writeable.
BUFFER_SIZE and SENDALL_SIZE are magic numbers inferred through trial and error.
"""
# Time limit resistant to busy loops
self.set_alarm(1)
stage_1 = eventlet.event.Event()
BUFFER_SIZE = 1000
SENDALL_SIZE = 100000
def serve(listener):
conn, _ = listener.accept()
conn.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, BUFFER_SIZE)
self.assertEqual(conn.read(8), 'request')
conn.write('response')
stage_1.wait()
conn.sendall('x' * SENDALL_SIZE)
server_sock = listen_ssl_socket()
server_coro = eventlet.spawn(serve, server_sock)
client_sock = eventlet.connect(server_sock.getsockname())
client_sock.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, BUFFER_SIZE)
client = util.wrap_ssl(client_sock)
client.write('request')
self.assertEqual(client.read(8), 'response')
stage_1.send()
check_idle_cpu_usage(0.2, 0.1)
server_coro.kill()
def test_connect_ssl(self):
def accept_once(listenfd):
try:
conn, addr = listenfd.accept()
fl = conn.makeGreenFile('w')
fl.write('hello\r\n')
fl.close()
conn.close()
finally:
listenfd.close()
server = api.ssl_listener(('0.0.0.0', 0),
self.certificate_file,
self.private_key_file)
api.spawn(accept_once, server)
client = util.wrap_ssl(
api.connect_tcp(('127.0.0.1', server.getsockname()[1])))
client = client.makeGreenFile()
assert client.readline() == 'hello\r\n'
assert client.read() == ''
client.close()
def ssl(sock, certificate=None, private_key=None):
from eventlet import util
wrapped = util.wrap_ssl(sock, certificate, private_key)
return GreenSSLObject(wrapped)
import eventlet
import socket
from eventlet import util
import os
certfile = "/home/hill/git/ospaas/examples/pki/certs/ssl_cert.pem"
keyfile = "/home/hill/git/ospaas/examples/pki/private/ssl_key.pem"
def listen_ssl_socket(address=('127.0.0.1', 0)):
sock = util.wrap_ssl(socket.socket(), certfile,
keyfile, True)
sock.bind(address)
sock.listen(5000)
return sock
def serve(listener):
sock, addr = listener.accept()
stuff = sock.read(8192)
sock.write('response')
sock = listen_ssl_socket()
server_coro = eventlet.spawn(serve, sock)
client = util.wrap_ssl(eventlet.connect(('127.0.0.1', sock.getsockname()[1])))
client.write('line 1\r\nline 2\r\n\r\n')
print client.read(8192)
server_coro.wait()
def ssl(sock, certificate=None, private_key=None):
from eventlet import util
wrapped = util.wrap_ssl(sock, certificate, private_key)
return GreenSSLObject(wrapped)
