def test_that_ssl_server_adapter_gets_used_when_ssl_config_is_provided(
self, run_mock, ssl_adapter_mock):
server = RESTfulServer(RESTfulServerTest.ssl_config,
RESTfulServerTest.mock_users,
RESTfulServerTest.mock_authenticator,
RESTfulServerTest.mock_provider)
# when
server.serve_forever()
expected_ca_certs = None # which means system ciphers
expected_ciphers = DEFAULT_CIPHERS
expected_ssl_version = latest_available_ssl_version()
expected_host = '127.0.0.1'
expected_port = 4443
expected_certfile = certfile()
expected_keyfile = keyfile()
ssl_adapter_mock.assert_called_once_with(
ssl_ca_certs=expected_ca_certs,
ssl_ciphers=expected_ciphers,
ssl_version=expected_ssl_version,
host=expected_host,
port=expected_port,
ssl_cert_file=expected_certfile,
ssl_key_file=expected_keyfile)
def ssl_options(self):
if self._certfile:
return {
'certfile': os.path.join(self._certfile),
'keyfile': os.path.join(self._keyfile),
'ssl_version': latest_available_ssl_version(),
'ciphers': DEFAULT_CIPHERS
}
else:
return None
def ssl_options(self):
if self._certfile:
return {
'certfile': os.path.join(self._certfile),
'keyfile': os.path.join(self._keyfile),
'ssl_version': latest_available_ssl_version(),
'ciphers': DEFAULT_CIPHERS
}
else:
return None
def run_manager():
parser = argparse.ArgumentParser(description='Multipile', )
parser.add_argument('-r', '--root_path', help='The rootpath for mailpile')
parser.add_argument('-m', '--mailpile_bin', help='The mailpile executable', default='mailpile')
parser.add_argument('-b', '--backend', help='the backend to use', default='fork', choices=['fork', 'docker'])
parser.add_argument('--bind', help="bind to interface. Default 127.0.0.1", default='127.0.0.1')
parser.add_argument('--sslcert', help='The SSL certficate to use', default=None)
parser.add_argument('--sslkey', help='The SSL key to use', default=None)
parser.add_argument('--debug', help='Set log level to debug', default=False, action='store_true')
parser.add_argument('--daemon', help='start in daemon mode and put process into background', default=False, action='store_true')
parser.add_argument('--pidfile', help='path for pid file. By default none is created', default=None)
parser.add_argument('--log-config', help='Provide a python logging config file', default=None)
parser.add_argument('--leap-provider', '-lp', help='Specify the LEAP provider this dispatcher will connect to', default='localhost')
parser.add_argument('--leap-provider-ca', '-lpc', dest='leap_provider_ca', help='Specify the LEAP provider CA to use to validate connections', default=True)
parser.add_argument('--leap-provider-fingerprint', '-lpf', dest='leap_provider_fingerprint', help='Specify the LEAP provider fingerprint to use to validate connections', default=None)
group = parser.add_mutually_exclusive_group()
group.add_argument('--mailpile-virtualenv', help='Use specified virtual env for mailpile', default=None)
group.add_argument('--auto-mailpile-virtualenv', dest='auto_venv', help='Boostrap virtualenv for mailpile', default=False, action='store_true')
args = parser.parse_args(args=filter_args())
if args.sslcert:
ssl_config = SSLConfig(args.sslcert,
args.sslkey,
latest_available_ssl_version())
else:
ssl_config = None
venv = args.mailpile_virtualenv
mailpile_bin = args.mailpile_bin
if args.auto_venv:
venv, mailpile_bin = prepare_venv(args.root_path)
if args.root_path is None or not os.path.isdir(args.root_path):
raise ValueError('root path %s not found!' % args.root_path)
log_level = logging.DEBUG if args.debug else logging.INFO
log_config = args.log_config
provider_ca = args.leap_provider_ca if args.leap_provider_fingerprint is None else False
manager = DispatcherManager(args.root_path, mailpile_bin, ssl_config, args.leap_provider, mailpile_virtualenv=venv, provider=args.backend, leap_provider_ca=provider_ca, leap_provider_fingerprint=args.leap_provider_fingerprint, bindaddr=args.bind)
if args.daemon:
pidfile = TimeoutPIDLockFile(args.pidfile, acquire_timeout=PID_ACQUIRE_TIMEOUT_IN_S) if args.pidfile else None
can_use_pidfile(pidfile)
with daemon.DaemonContext(pidfile=pidfile):
# init logging only after we have spawned the sub process. Otherwise there might be some hickups
init_logging('manager', level=log_level, config_file=log_config)
manager.serve_forever()
else:
init_logging('manager', level=log_level, config_file=log_config)
manager.serve_forever()
def __init__(self,
ssl_certfile,
ssl_keyfile,
ssl_version=latest_available_ssl_version(),
ssl_ca_certs=None,
ssl_ciphers=DEFAULT_CIPHERS):
self.ssl_certfile = ssl_certfile
self.ssl_keyfile = ssl_keyfile
self.ssl_version = ssl_version
self.ssl_ca_certs = ssl_ca_certs
self.ssl_ciphers = ssl_ciphers
def test_that_ssl_server_adapter_gets_used_when_ssl_config_is_provided(self, run_mock, ssl_adapter_mock):
server = RESTfulServer(RESTfulServerTest.ssl_config, RESTfulServerTest.mock_users, RESTfulServerTest.mock_authenticator, RESTfulServerTest.mock_provider)
# when
server.serve_forever()
expected_ca_certs = None # which means system ciphers
expected_ciphers = DEFAULT_CIPHERS
expected_ssl_version = latest_available_ssl_version()
expected_host = '127.0.0.1'
expected_port = 4443
expected_certfile = certfile()
expected_keyfile = keyfile()
ssl_adapter_mock.assert_called_once_with(ssl_ca_certs=expected_ca_certs, ssl_ciphers=expected_ciphers, ssl_version=expected_ssl_version, host=expected_host, port=expected_port, ssl_cert_file=expected_certfile, ssl_key_file=expected_keyfile)
def test_serve_forever(self, ioloop_factory_mock, http_server_mock):
# given
ioloop_mock = MagicMock()
ioloop_factory_mock.return_value = ioloop_mock
dispatcher = DispatcherProxy(self.client, certfile='/path/to/some/certfile', keyfile='/path/to/some/keyfile')
dispatcher._ioloop = ioloop_mock
# when
dispatcher.serve_forever()
# then
expected_ssl_options = {
'certfile': '/path/to/some/certfile',
'keyfile': '/path/to/some/keyfile',
'ssl_version': latest_available_ssl_version(),
'ciphers': DEFAULT_CIPHERS
}
http_server_mock.assert_called_once_with(ANY, ssl_options=expected_ssl_options)
def run_manager():
parser = argparse.ArgumentParser(description='Multipile', )
parser.add_argument('-r', '--root_path', help='The rootpath for mailpile')
parser.add_argument('-m', '--mailpile_bin', help='The mailpile executable', default='mailpile')
parser.add_argument('-b', '--backend', help='the backend to use (fork|docker)', default='fork')
parser.add_argument('--bind', help="bind to interface. Default 127.0.0.1", default='127.0.0.1')
parser.add_argument('--sslcert', help='The SSL certficate to use', default=None)
parser.add_argument('--sslkey', help='The SSL key to use', default=None)
parser.add_argument('--debug', help='Set log level to debug', default=False, action='store_true')
parser.add_argument('--log-config', help='Provide a python logging config file', default=None)
parser.add_argument('--provider', help='Specify the provider this dispatcher will connect to')
parser.add_argument('--provider-ca', dest='provider_ca', help='Specify the provider CA to use to validate connections', default=True)
group = parser.add_mutually_exclusive_group()
group.add_argument('--mailpile-virtualenv', help='Use specified virtual env for mailpile', default=None)
group.add_argument('--auto-mailpile-virtualenv', dest='auto_venv', help='Boostrap virtualenv for mailpile', default=False, action='store_true')
args = parser.parse_args(args=filter_args())
if args.sslcert:
ssl_config = SSLConfig(args.sslcert,
args.sslkey,
latest_available_ssl_version())
else:
ssl_config = None
venv = args.mailpile_virtualenv
mailpile_bin = args.mailpile_bin
if args.auto_venv:
venv, mailpile_bin = prepare_venv(args.root_path)
if args.root_path is None or not os.path.isdir(args.root_path):
raise ValueError('root path %s not found!' % args.root_path)
log_level = logging.DEBUG if args.debug else logging.INFO
log_config = args.log_config
init_logging('manager', level=log_level, config_file=log_config)
manager = DispatcherManager(args.root_path, mailpile_bin, ssl_config, args.provider, mailpile_virtualenv=venv, provider=args.backend, leap_provider_ca=args.provider_ca, bindaddr=args.bind)
manager.serve_forever()
def test_serve_forever(self, ioloop_factory_mock, http_server_mock):
# given
ioloop_mock = MagicMock()
ioloop_factory_mock.return_value = ioloop_mock
dispatcher = DispatcherProxy(self.client,
certfile='/path/to/some/certfile',
keyfile='/path/to/some/keyfile')
dispatcher._ioloop = ioloop_mock
# when
dispatcher.serve_forever()
# then
expected_ssl_options = {
'certfile': '/path/to/some/certfile',
'keyfile': '/path/to/some/keyfile',
'ssl_version': latest_available_ssl_version(),
'ciphers': DEFAULT_CIPHERS
}
http_server_mock.assert_called_once_with(
ANY, ssl_options=expected_ssl_options)
def init_poolmanager(self, connections, maxsize, block=False):
self.poolmanager = PoolManager(num_pools=connections, maxsize=maxsize,
block=block, ssl_version=latest_available_ssl_version(),
assert_hostname=self._assert_hostname,
assert_fingerprint=self._assert_fingerprint)
def __init__(self, ssl_certfile, ssl_keyfile, ssl_version=latest_available_ssl_version(), ssl_ca_certs=None):
self.ssl_certfile = ssl_certfile
self.ssl_keyfile = ssl_keyfile
self.ssl_version = ssl_version
self.ssl_ca_certs = ssl_ca_certs
def init_poolmanager(self, connections, maxsize, block=False):
self.poolmanager = PoolManager(num_pools=connections, maxsize=maxsize,
block=block, ssl_version=latest_available_ssl_version())
def __init__(self, ssl_certfile, ssl_keyfile, ssl_version=latest_available_ssl_version(), ssl_ca_certs=None, ssl_ciphers=DEFAULT_CIPHERS):
self.ssl_certfile = ssl_certfile
self.ssl_keyfile = ssl_keyfile
self.ssl_version = ssl_version
self.ssl_ca_certs = ssl_ca_certs
self.ssl_ciphers = ssl_ciphers
def run_manager():
parser = argparse.ArgumentParser(description='Multipile', )
parser.add_argument('-r', '--root_path', help='The rootpath for mailpile')
parser.add_argument('-m',
'--mailpile_bin',
help='The mailpile executable',
default='mailpile')
parser.add_argument('-b',
'--backend',
help='the backend to use',
default='fork',
choices=['fork', 'docker'])
parser.add_argument('--bind',
help="bind to interface. Default 127.0.0.1",
default='127.0.0.1')
parser.add_argument('--sslcert',
help='The SSL certficate to use',
default=None)
parser.add_argument('--sslkey', help='The SSL key to use', default=None)
parser.add_argument('--debug',
help='Set log level to debug',
default=False,
action='store_true')
parser.add_argument(
'--daemon',
help='start in daemon mode and put process into background',
default=False,
action='store_true')
parser.add_argument('--pidfile',
help='path for pid file. By default none is created',
default=None)
parser.add_argument('--log-config',
help='Provide a python logging config file',
default=None)
parser.add_argument(
'--leap-provider',
'-lp',
help='Specify the LEAP provider this dispatcher will connect to',
default='localhost')
parser.add_argument(
'--leap-provider-ca',
'-lpc',
dest='leap_provider_ca',
help='Specify the LEAP provider CA to use to validate connections',
default=True)
parser.add_argument(
'--leap-provider-fingerprint',
'-lpf',
dest='leap_provider_fingerprint',
help=
'Specify the LEAP provider fingerprint to use to validate connections',
default=None)
group = parser.add_mutually_exclusive_group()
group.add_argument('--mailpile-virtualenv',
help='Use specified virtual env for mailpile',
default=None)
group.add_argument('--auto-mailpile-virtualenv',
dest='auto_venv',
help='Boostrap virtualenv for mailpile',
default=False,
action='store_true')
args = parser.parse_args(args=filter_args())
if args.sslcert:
ssl_config = SSLConfig(args.sslcert, args.sslkey,
latest_available_ssl_version())
else:
ssl_config = None
venv = args.mailpile_virtualenv
mailpile_bin = args.mailpile_bin
if args.auto_venv:
venv, mailpile_bin = prepare_venv(args.root_path)
if args.root_path is None or not os.path.isdir(args.root_path):
raise ValueError('root path %s not found!' % args.root_path)
log_level = logging.DEBUG if args.debug else logging.INFO
log_config = args.log_config
provider_ca = args.leap_provider_ca if args.leap_provider_fingerprint is None else False
manager = DispatcherManager(
args.root_path,
mailpile_bin,
ssl_config,
args.leap_provider,
mailpile_virtualenv=venv,
provider=args.backend,
leap_provider_ca=provider_ca,
leap_provider_fingerprint=args.leap_provider_fingerprint,
bindaddr=args.bind)
if args.daemon:
pidfile = TimeoutPIDLockFile(
args.pidfile,
acquire_timeout=PID_ACQUIRE_TIMEOUT_IN_S) if args.pidfile else None
can_use_pidfile(pidfile)
with daemon.DaemonContext(pidfile=pidfile):
# init logging only after we have spawned the sub process. Otherwise there might be some hickups
init_logging('manager', level=log_level, config_file=log_config)
manager.serve_forever()
else:
init_logging('manager', level=log_level, config_file=log_config)
manager.serve_forever()
def init_poolmanager(self, connections, maxsize, block=False):
self.poolmanager = PoolManager(num_pools=connections, maxsize=maxsize,
block=block, ssl_version=latest_available_ssl_version(),
assert_hostname=self._assert_hostname,
assert_fingerprint=self._assert_fingerprint)