Ejemplos de create_signed_cert en Python

Ejemplo n.º 1

Archivo: test-metrics-bridge.py Proyecto: stouset/ghostunnel

received_metrics = None

class FakeMetricsBridgeHandler(http.server.BaseHTTPRequestHandler):
  def do_POST(self):
    global received_metrics
    print_ok("handling POST to fake bridge")
    length = int(self.headers['Content-Length'])
    received_metrics = json.loads(self.rfile.read(length).decode('utf-8'))

if __name__ == "__main__":
  ghostunnel = None
  try:
    # Step 1: create certs
    create_root_cert('root')
    create_signed_cert('server', 'root')
    create_signed_cert('new_server', 'root')
    create_signed_cert('client1', 'root')

    httpd = http.server.HTTPServer(('localhost',13080), FakeMetricsBridgeHandler)
    server = threading.Thread(target=httpd.handle_request)
    server.start()

    # Step 2: start ghostunnel
    ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
      '--target={0}:13100'.format(LOCALHOST), '--keystore=server.p12',
      '--storepass='******'--cacert=root.crt', '--allow-ou=client1',
      '--status={0}:13100'.format(LOCALHOST), '--metrics-url=http://localhost:13080/post'])

    # Step 3: wait for metrics to post
    for i in range(0, 10):

Ejemplo n.º 2

Archivo: test-handles-client-closes-connection.py Proyecto: zhuyue1314/ghostunnel

#!/usr/local/bin/python

# Creates a ghostunnel. Ensures when client disconnects that the server
# connection also disconnects.

from subprocess import Popen
from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs
import socket, ssl

if __name__ == "__main__":
    ghostunnel = None
    try:
        # Step 1: create certs
        # root, ou=server, ou=client, ou=other_client
        create_root_cert('root')
        create_signed_cert('server', 'root')
        create_signed_cert('client1', 'root')

        # Step 2: start ghostunnel
        ghostunnel = Popen([
            '../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
            '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12',
            '--storepass='******'--cacert=root.crt', '--allow-ou=client1'
        ])

        # Step 3: connect with client1, confirm that the tunnel is up
        pair = SocketPair('client1', 13001, 13000)
        pair.validate_can_send_from_client("hello world",
                                           "1: client -> server")
        pair.validate_can_send_from_server("hello world",
                                           "1: server -> client")

Ejemplo n.º 3

#!/usr/bin/env python3

# Creates a ghostunnel. Ensures client1 can connect but that clients with
# ou=client2 or ca=other_root can't connect.

from subprocess import Popen
from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs
import socket, ssl

if __name__ == "__main__":
  ghostunnel = None
  try:
    # Step 1: create certs
    create_root_cert('root')
    create_signed_cert('server', 'root')
    create_signed_cert('client1', 'root')
    create_signed_cert('client2', 'root')

    create_root_cert('other_root')
    create_signed_cert('other_client1', 'other_root')

    # Step 2: start ghostunnel
    ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
      '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12',
      '--storepass='******'--cacert=root.crt', '--allow-ou=client1'])

    # Step 3: connect with client1, confirm that the tunnel is up
    pair = SocketPair('client1', 13001, 13000)
    pair.validate_can_send_from_client("hello world", "1: client -> server")
    pair.validate_can_send_from_server("hello world", "1: server -> client")
    pair.validate_closing_client_closes_server("1: client closed -> server closed")

Ejemplo n.º 4

        p.validate_closing_client_closes_server(
            "{0} client close -> server close".format(i))
    else:
        p.validate_closing_server_closes_client(
            "{0} server close -> client close".format(i))


if __name__ == "__main__":
    ghostunnel = None
    n_clients = 10
    certs = ['root', 'server']
    allow_ou = []
    try:
        # Step 1: create certs
        create_root_cert('root')
        create_signed_cert('server', 'root')
        for i in range(1, n_clients):
            create_signed_cert("client{0}".format(i), 'root')
            certs.append("client{0}".format(i))
            allow_ou.append("--allow-ou=client{0}".format(i))

        # Step 2: start ghostunnel
        ghostunnel = Popen([
            '../ghostunnel', '--listen={0}:13001'.format(
                LOCALHOST), '--target={0}:13000'.format(LOCALHOST),
            '--keystore=server.p12', '--storepass='******'--cacert=root.crt'
        ] + allow_ou)

        # Step 3: clients should be able to communicate all at the same time.
        proc = []
        for i in range(1, n_clients):

Ejemplo n.º 5

Archivo: test-status-port.py Proyecto: zhuyue1314/ghostunnel

#!/usr/local/bin/python

# Creates a ghostunnel. Ensures that /_status endpoint works.

from subprocess import Popen
from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs
import urllib2, socket, ssl, time, os, signal, json

if __name__ == "__main__":
    ghostunnel = None
    try:
        # Step 1: create certs
        create_root_cert("root")
        create_signed_cert("server", "root")
        create_signed_cert("new_server", "root")
        create_signed_cert("client1", "root")

        # Step 2: start ghostunnel
        ghostunnel = Popen(
            [
                "../ghostunnel",
                "--listen={0}:13001".format(LOCALHOST),
                "--target={0}:13100".format(LOCALHOST),
                "--keystore=server.p12",
                "--storepass="******"--cacert=root.crt",
                "--allow-ou=client1",
                "--status-port=13100",
            ]
        )

Ejemplo n.º 6

Archivo: test-concurrent-connections.py Proyecto: zhuyue1314/ghostunnel

  r = random.random()
  if r < 0.5:
    p.validate_closing_client_closes_server("{0} client close -> server close".format(i))
  else:
    p.validate_closing_server_closes_client("{0} server close -> client close".format(i))


if __name__ == "__main__":
  ghostunnel = None
  n_clients = 10
  certs = ['root', 'server']
  allow_ou = []
  try:
    # Step 1: create certs
    create_root_cert('root')
    create_signed_cert('server', 'root')
    for i in range(1, n_clients):
      create_signed_cert("client{0}".format(i), 'root')
      certs.append("client{0}".format(i))
      allow_ou.append("--allow-ou=client{0}".format(i))

    # Step 2: start ghostunnel
    ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
      '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12',
      '--storepass='******'--cacert=root.crt'] + allow_ou)

    # Step 3: clients should be able to communicate all at the same time.
    proc = []
    for i in range(1, n_clients):
      pair = SocketPair("client{0}".format(i), 13001, 13000)
      p = Process(target=send_data, args=(i,pair,))