import urllib.request, urllib.error, urllib.parse, socket, ssl, time, os, signal, json, http.server, threading
received_metrics = None
class FakeMetricsBridgeHandler(http.server.BaseHTTPRequestHandler):
def do_POST(self):
global received_metrics
print_ok("handling POST to fake bridge")
length = int(self.headers['Content-Length'])
received_metrics = json.loads(self.rfile.read(length).decode('utf-8'))
if __name__ == "__main__":
ghostunnel = None
try:
# Step 1: create certs
create_root_cert('root')
create_signed_cert('server', 'root')
create_signed_cert('new_server', 'root')
create_signed_cert('client1', 'root')
httpd = http.server.HTTPServer(('localhost',13080), FakeMetricsBridgeHandler)
server = threading.Thread(target=httpd.handle_request)
server.start()
# Step 2: start ghostunnel
ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
'--target={0}:13100'.format(LOCALHOST), '--keystore=server.p12',
'--storepass='******'--cacert=root.crt', '--allow-ou=client1',
'--status={0}:13100'.format(LOCALHOST), '--metrics-url=http://localhost:13080/post'])
# Step 3: wait for metrics to post
#!/usr/bin/env python3
# Creates a ghostunnel. Ensures client1 can connect but that clients with
# ou=client2 or ca=other_root can't connect.
from subprocess import Popen
from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs
import socket, ssl
if __name__ == "__main__":
ghostunnel = None
try:
# Step 1: create certs
create_root_cert('root')
create_signed_cert('server', 'root')
create_signed_cert('client1', 'root')
create_signed_cert('client2', 'root')
create_root_cert('other_root')
create_signed_cert('other_client1', 'other_root')
# Step 2: start ghostunnel
ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
'--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12',
'--storepass='******'--cacert=root.crt', '--allow-ou=client1'])
# Step 3: connect with client1, confirm that the tunnel is up
pair = SocketPair('client1', 13001, 13000)
pair.validate_can_send_from_client("hello world", "1: client -> server")
pair.validate_can_send_from_server("hello world", "1: server -> client")
pair.validate_closing_client_closes_server("1: client closed -> server closed")
#!/usr/local/bin/python
# Creates a ghostunnel. Ensures when client disconnects that the server
# connection also disconnects.
from subprocess import Popen
from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs
import socket, ssl
if __name__ == "__main__":
ghostunnel = None
try:
# Step 1: create certs
# root, ou=server, ou=client, ou=other_client
create_root_cert('root')
create_signed_cert('server', 'root')
create_signed_cert('client1', 'root')
# Step 2: start ghostunnel
ghostunnel = Popen([
'../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
'--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12',
'--storepass='******'--cacert=root.crt', '--allow-ou=client1'
])
# Step 3: connect with client1, confirm that the tunnel is up
pair = SocketPair('client1', 13001, 13000)
pair.validate_can_send_from_client("hello world",
"1: client -> server")
pair.validate_can_send_from_server("hello world",
"1: server -> client")
#!/usr/local/bin/python
# Creates a ghostunnel. Ensures that /_status endpoint works.
from subprocess import Popen
from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs
import urllib2, socket, ssl, time, os, signal, json
if __name__ == "__main__":
ghostunnel = None
try:
# Step 1: create certs
create_root_cert("root")
create_signed_cert("server", "root")
create_signed_cert("new_server", "root")
create_signed_cert("client1", "root")
# Step 2: start ghostunnel
ghostunnel = Popen(
[
"../ghostunnel",
"--listen={0}:13001".format(LOCALHOST),
"--target={0}:13100".format(LOCALHOST),
"--keystore=server.p12",
"--storepass="******"--cacert=root.crt",
"--allow-ou=client1",
"--status-port=13100",
]
)