def send_data(i):
    """Drive one tunnel connection with randomly ordered traffic, then close it.

    Builds a SocketPair from TlsClient("client<i>", 'root', 13001) and
    TcpServer(13002), performs exactly 100 validated sends, and finally
    validates that closing one side closes the other.

    Each random draw below 0.4 is spent sleeping for that many seconds and
    is not counted; draws in [0.4, 0.7) send client -> server and draws of
    0.7 or more send server -> client. The side that closes first is picked
    by one further draw.

    Args:
        i: Index of this connection; it names the client identity and
            prefixes every validation label.
    """
    pair = SocketPair(
        TlsClient("client{0}".format(i), 'root', 13001),
        TcpServer(13002))

    exchanges = 0
    while exchanges < 100:
        roll = random.random()
        if roll >= 0.4:
            exchanges += 1
            if roll >= 0.7:
                pair.validate_can_send_from_server(
                    "blah blah blah",
                    "{0}:{1} server -> client".format(i, exchanges))
            else:
                pair.validate_can_send_from_client(
                    "blah blah blah",
                    "{0}:{1} client -> server".format(i, exchanges))
        else:
            # Random pause so parallel callers do not send in lock-step;
            # a paused round does not count towards the 100 sends.
            time.sleep(roll)

    # Exercise teardown from either end with equal probability.
    if random.random() >= 0.5:
        pair.validate_closing_server_closes_client(
            "{0} server close -> client close".format(i))
    else:
        pair.validate_closing_client_closes_server(
            "{0} client close -> server close".format(i))
ghostunnel = run_ghostunnel([ 'client', '--listen={0}:13001'.format(LOCALHOST), '--target=localhost:13002', '--cacert=root.crt', '--disable-authentication', '--status={0}:{1}'.format(LOCALHOST, STATUS_PORT) ]) # connect to server1, confirm that the tunnel is up pair = SocketPair( TcpClient(13001), TlsServer('server1', 'root', 13002, cert_reqs=ssl.CERT_NONE)) pair.validate_can_send_from_client("hello world", "1: client -> server") pair.validate_can_send_from_server("hello world", "1: server -> client") pair.validate_closing_client_closes_server( "1: client closed -> server closed") # connect to other_server, confirm that the tunnel isn't up try: pair = SocketPair( TcpClient(13001), TlsServer('other_server', 'other_root', 13002, cert_reqs=ssl.CERT_NONE)) raise Exception('failed to reject other_server') except ssl.SSLError: print_ok("other_server with unknown CA correctly rejected") # connect to server2, confirm that the tunnel isn't up try:
# (continuation of an argument list that opens before this excerpt)
'--target=localhost:13002',
'--keystore=client.p12',
'--cacert=root.crt',
'--timed-reload=1s',
# Hostname verification uses 'foobar' instead of the --target host name, so
# only a server certificate valid for 'foobar' should be accepted.
'--override-server-name=foobar',
'--status={0}:{1}'.format(LOCALHOST, STATUS_PORT)])

# connect as 'server2', confirm that the tunnel is up
# NOTE(review): the original comment named server1, but the code presents the
# 'server2' identity; presumably that certificate is the one issued for
# 'foobar'. Its creation is not visible here, so confirm.
pair = SocketPair(TcpClient(13001), TlsServer(
    'server2', 'root', 13002))
pair.validate_can_send_from_client(
    "hello world", "1: client -> server")
pair.validate_can_send_from_server(
    "hello world", "1: server -> client")
pair.validate_closing_client_closes_server(
    "1: client closed -> server closed")

# connect to other_server, confirm that the tunnel isn't up
# The check passes only if building the pair raises ssl.SSLError. If the
# handshake succeeds, the generic Exception is not caught and fails the test.
try:
    pair = SocketPair(TcpClient(13001), TlsServer(
        'other_server', 'other_root', 13002))
    raise Exception('failed to reject other_server')
except ssl.SSLError:
    print_ok("other_server correctly rejected")

# connect as 'server1', confirm that the tunnel isn't up
# (the original comment named server2; the code and the error message both
# use server1). This certificate chains to the trusted 'root', so a
# rejection here exercises the server-name check rather than the CA check.
try:
    pair = SocketPair(TcpClient(13001), TlsServer(
        'server1', 'root', 13002))
    raise Exception('failed to reject server1')
except ssl.SSLError:
root.create_signed_cert('client') httpd = http.server.HTTPServer( (LOCALHOST, 13080), FakeConnectProxyHandler) server = threading.Thread(target=httpd.handle_request) server.start() # start ghostunnel ghostunnel = run_ghostunnel(['client', '--listen={0}:13001'.format(LOCALHOST), '--target={0}:13002'.format(LOCALHOST), '--keystore=client.p12', '--cacert=root.crt', '--connect-proxy=http://{0}:13080'.format(LOCALHOST), '--connect-timeout=30s', '--status={0}:{1}'.format(LOCALHOST, STATUS_PORT)]) # connect to server, confirm that the tunnel is up pair = SocketPair(TcpClient(13001), TlsServer('server', 'root', 13002)) pair.validate_can_send_from_client( 'hello world', '1: client -> server') pair.validate_can_send_from_server( 'hello world', '1: server -> client') pair.validate_closing_client_closes_server('closing client') pair.cleanup() print_ok("OK") finally: terminate(ghostunnel)