コード例 #1
0
import urllib.request, urllib.error, urllib.parse, socket, ssl, time, os, signal, json, http.server, threading

received_metrics = None

class FakeMetricsBridgeHandler(http.server.BaseHTTPRequestHandler):
  def do_POST(self):
    global received_metrics
    print_ok("handling POST to fake bridge")
    length = int(self.headers['Content-Length'])
    received_metrics = json.loads(self.rfile.read(length).decode('utf-8'))

if __name__ == "__main__":
  ghostunnel = None
  try:
    # Step 1: create certs
    create_root_cert('root')
    create_signed_cert('server', 'root')
    create_signed_cert('new_server', 'root')
    create_signed_cert('client1', 'root')

    httpd = http.server.HTTPServer(('localhost',13080), FakeMetricsBridgeHandler)
    server = threading.Thread(target=httpd.handle_request)
    server.start()

    # Step 2: start ghostunnel
    ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
      '--target={0}:13100'.format(LOCALHOST), '--keystore=server.p12',
      '--storepass='******'--cacert=root.crt', '--allow-ou=client1',
      '--status={0}:13100'.format(LOCALHOST), '--metrics-url=http://localhost:13080/post'])

    # Step 3: wait for metrics to post
コード例 #2
0
#!/usr/bin/env python3

# Creates a ghostunnel. Ensures client1 can connect but that clients with
# ou=client2 or ca=other_root can't connect.

from subprocess import Popen
from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs
import socket, ssl

if __name__ == "__main__":
  ghostunnel = None
  try:
    # Step 1: create certs
    create_root_cert('root')
    create_signed_cert('server', 'root')
    create_signed_cert('client1', 'root')
    create_signed_cert('client2', 'root')

    create_root_cert('other_root')
    create_signed_cert('other_client1', 'other_root')

    # Step 2: start ghostunnel
    ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
      '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12',
      '--storepass='******'--cacert=root.crt', '--allow-ou=client1'])

    # Step 3: connect with client1, confirm that the tunnel is up
    pair = SocketPair('client1', 13001, 13000)
    pair.validate_can_send_from_client("hello world", "1: client -> server")
    pair.validate_can_send_from_server("hello world", "1: server -> client")
    pair.validate_closing_client_closes_server("1: client closed -> server closed")
コード例 #3
0
#!/usr/local/bin/python

# Creates a ghostunnel. Ensures when client disconnects that the server
# connection also disconnects.

from subprocess import Popen
from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs
import socket, ssl

if __name__ == "__main__":
    ghostunnel = None
    try:
        # Step 1: create certs
        # root, ou=server, ou=client, ou=other_client
        create_root_cert('root')
        create_signed_cert('server', 'root')
        create_signed_cert('client1', 'root')

        # Step 2: start ghostunnel
        ghostunnel = Popen([
            '../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
            '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12',
            '--storepass='******'--cacert=root.crt', '--allow-ou=client1'
        ])

        # Step 3: connect with client1, confirm that the tunnel is up
        pair = SocketPair('client1', 13001, 13000)
        pair.validate_can_send_from_client("hello world",
                                           "1: client -> server")
        pair.validate_can_send_from_server("hello world",
                                           "1: server -> client")
コード例 #4
0
#!/usr/local/bin/python

# Creates a ghostunnel. Ensures that /_status endpoint works.

from subprocess import Popen
from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs
import urllib2, socket, ssl, time, os, signal, json

if __name__ == "__main__":
    ghostunnel = None
    try:
        # Step 1: create certs
        create_root_cert("root")
        create_signed_cert("server", "root")
        create_signed_cert("new_server", "root")
        create_signed_cert("client1", "root")

        # Step 2: start ghostunnel
        ghostunnel = Popen(
            [
                "../ghostunnel",
                "--listen={0}:13001".format(LOCALHOST),
                "--target={0}:13100".format(LOCALHOST),
                "--keystore=server.p12",
                "--storepass="******"--cacert=root.crt",
                "--allow-ou=client1",
                "--status-port=13100",
            ]
        )