def setUp(self): super(MalloryTest, self).setUp() self.client = test.MalloryClient(10001, self) echo_app = tornado.web.Application([(r"/.*", test.EchoRequestHandler)]) self.echo_http_server = tornado.httpserver.HTTPServer( echo_app, ssl_options={ "certfile": "test/ssl/echo_server/server.crt", "keyfile": "test/ssl/echo_server/server.key", }) self.echo_http_server.listen(10000, address="127.0.0.1") http_request_options = { "ca_certs": "test/ssl/ca/ca.crt", "request_timeout": 0.5 } ssl_options = { "certfile": "test/ssl/mallory/server.crt", "keyfile": "test/ssl/mallory/server.key" } self.mallory_server = mallory.Server( proxy_to="https://127.0.0.1:10000", http_request_options=http_request_options, port=10001, ssl_options=ssl_options) self.mallory_server.start()
def test_error_handling(self): http_request_options = { "ca_certs": "test/ssl/ca/ca.crt", "request_timeout": 0.5 } mallory_server = mallory.Server( proxy_to="https://127.0.0.1:10001", port=10002, http_request_options=http_request_options, ssl_options={ "certfile": "test/ssl/mallory/server.crt", "keyfile": "test/ssl/mallory/server.key" }) mallory_server.start() http_client = tornado.httpclient.AsyncHTTPClient() http_client.fetch("https://127.0.0.1:10002/", self.stop, method="HEAD", ca_certs="test/ssl/mallory/server.crt") response = self.wait() mallory_server.stop() self.assertEqual(502, response.code)
def start(args): parser = optparse.OptionParser(usage="mallory [options] target") parser.add_option("-p", "--port", dest="port", default=9000) parser.add_option("--verify-ca-cert", dest="ca_cert", help="CA certificate to verify on backend") parser.add_option("--ssl-key", dest="ssl_key", help="Private key for serving SSL") parser.add_option("--ssl-cert", dest="ssl_cert", help="Certificate for serving SSL") parser.add_option("--proxy-request-timeout", dest="proxy_request_timeout", default=20, type="float", help="Proxy timeout in seconds") parser.add_option("--client-key", dest="client_key", help="Private key for client certificate") parser.add_option("--client-cert", dest="client_cert", help="Certificate for client authentication") (options, params) = parser.parse_args(args) mallory.logs.setup() ssl_options = {"certfile": options.ssl_cert, "keyfile": options.ssl_key} http_request_options = { "client_cert": options.client_cert, "client_key": options.client_key, "request_timeout": options.proxy_request_timeout } if options.ca_cert: http_request_options["ca_certs"] = options.ca_cert else: http_request_options["validate_cert"] = False server = mallory.Server(proxy_to=params[0], port=options.port, ssl_options=ssl_options, http_request_options=http_request_options) handle_interrupt(server) logging.info("starting mallory on port %s" % options.port) server.start() tornado.ioloop.IOLoop.instance().start()