def listen_ssl_socket(address=('127.0.0.1', 0)): sock = util.wrap_ssl(socket.socket(), certificate_file, private_key_file, True) sock.bind(address) sock.listen(50) return sock
def test_connect_ssl(self): def accept_once(listenfd): try: conn, addr = listenfd.accept() conn.write(b'hello\r\n') greenio.shutdown_safe(conn) conn.close() finally: greenio.shutdown_safe(listenfd) listenfd.close() server = api.ssl_listener(('0.0.0.0', 0), self.certificate_file, self.private_key_file) api.spawn(accept_once, server) raw_client = eventlet.connect(('127.0.0.1', server.getsockname()[1])) client = util.wrap_ssl(raw_client) fd = socket._fileobject(client, 'rb', 8192) assert fd.readline() == b'hello\r\n' try: self.assertEqual(b'', fd.read(10)) except greenio.SSL.ZeroReturnError: # if it's a GreenSSL object it'll do this pass greenio.shutdown_safe(client) client.close() check_hub()
def listen_ssl_socket(address=('127.0.0.1', 0)): sock = util.wrap_ssl(socket.socket(), certfile, keyfile, True) sock.bind(address) sock.listen(5000) return sock
def serve(): sock, addr = listener.accept() self.assertEquals(sock.recv(6), 'before') sock_ssl = util.wrap_ssl(sock, certificate_file, private_key_file, server_side=True) sock_ssl.do_handshake() self.assertEquals(sock_ssl.read(6), 'during') sock2 = sock_ssl.unwrap() self.assertEquals(sock2.recv(5), 'after') sock2.close()
def test_duplex_response(self): def serve(listener): sock, addr = listener.accept() stuff = sock.read(8192) sock.write('response') sock = listen_ssl_socket() server_coro = eventlet.spawn(serve, sock) client = util.wrap_ssl(eventlet.connect(('127.0.0.1', sock.getsockname()[1]))) client.write('line 1\r\nline 2\r\n\r\n') self.assertEquals(client.read(8192), 'response') server_coro.wait()
def test_ssl_connect(self): def serve(listener): sock, addr = listener.accept() stuff = sock.read(8192) sock = listen_ssl_socket() server_coro = eventlet.spawn(serve, sock) raw_client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) ssl_client = util.wrap_ssl(raw_client) ssl_client.connect(('127.0.0.1', sock.getsockname()[1])) ssl_client.write('abc') greenio.shutdown_safe(ssl_client) ssl_client.close() server_coro.wait()
def ssl_listener(address, certificate, private_key): """Listen on the given (ip, port) *address* with a TCP socket that can do SSL. Primarily useful for unit tests, don't use in production. *certificate* and *private_key* should be the filenames of the appropriate certificate and private key files to use with the SSL socket. Returns a socket object on which one should call ``accept()`` to accept a connection on the newly bound socket. """ from eventlet import util import socket socket = util.wrap_ssl(socket.socket(), certificate, private_key, True) socket.bind(address) socket.listen(50) return socket
def test_ssl_close(self): def serve(listener): sock, addr = listener.accept() stuff = sock.read(8192) try: self.assertEquals("", sock.read(8192)) except greenio.SSL.ZeroReturnError: pass sock = listen_ssl_socket() server_coro = eventlet.spawn(serve, sock) raw_client = eventlet.connect(('127.0.0.1', sock.getsockname()[1])) client = util.wrap_ssl(raw_client) client.write('X') greenio.shutdown_safe(client) client.close() server_coro.wait()
def ssl_listener(address, certificate, private_key): """Listen on the given (ip, port) *address* with a TCP socket that can do SSL. *certificate* and *private_key* should be the filenames of the appropriate certificate and private key files to use with the SSL socket. Returns a socket object on which one should call ``accept()`` to accept a connection on the newly bound socket. Generally, the returned socket will be passed to ``tcp_server()``, which accepts connections forever and spawns greenlets for each incoming connection. """ from eventlet import util socket = util.wrap_ssl(util.tcp_socket(), certificate, private_key) util.socket_bind_and_listen(socket, address) socket.is_secure = True return socket
def test_ssl_unwrap(self): def serve(): sock, addr = listener.accept() self.assertEquals(sock.recv(6), 'before') sock_ssl = util.wrap_ssl(sock, certificate_file, private_key_file, server_side=True) sock_ssl.do_handshake() self.assertEquals(sock_ssl.read(6), 'during') sock2 = sock_ssl.unwrap() self.assertEquals(sock2.recv(5), 'after') sock2.close() listener = eventlet.listen(('127.0.0.1', 0)) server_coro = eventlet.spawn(serve) client = eventlet.connect((listener.getsockname())) client.send('before') client_ssl = util.wrap_ssl(client) client_ssl.do_handshake() client_ssl.write('during') client2 = client_ssl.unwrap() client2.send('after') server_coro.wait()
def test_sendall_cpu_usage(self): """SSL socket.sendall() busy loop https://bitbucket.org/eventlet/eventlet/issue/134/greenssl-performance-issues Idea of this test is to check that GreenSSLSocket.sendall() does not busy loop retrying .send() calls, but instead trampolines until socket is writeable. BUFFER_SIZE and SENDALL_SIZE are magic numbers inferred through trial and error. """ # Time limit resistant to busy loops self.set_alarm(1) stage_1 = eventlet.event.Event() BUFFER_SIZE = 1000 SENDALL_SIZE = 100000 def serve(listener): conn, _ = listener.accept() conn.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, BUFFER_SIZE) self.assertEqual(conn.read(8), b'request') conn.write(b'response') stage_1.wait() conn.sendall(b'x' * SENDALL_SIZE) server_sock = listen_ssl_socket() server_coro = eventlet.spawn(serve, server_sock) client_sock = eventlet.connect(server_sock.getsockname()) client_sock.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, BUFFER_SIZE) client = util.wrap_ssl(client_sock) client.write(b'request') self.assertEqual(client.read(8), b'response') stage_1.send() check_idle_cpu_usage(0.2, 0.1) server_coro.kill()
def test_connect_ssl(self): def accept_once(listenfd): try: conn, addr = listenfd.accept() fl = conn.makeGreenFile('w') fl.write('hello\r\n') fl.close() conn.close() finally: listenfd.close() server = api.ssl_listener(('0.0.0.0', 0), self.certificate_file, self.private_key_file) api.spawn(accept_once, server) client = util.wrap_ssl( api.connect_tcp(('127.0.0.1', server.getsockname()[1]))) client = client.makeGreenFile() assert client.readline() == 'hello\r\n' assert client.read() == '' client.close()
def test_sendall_cpu_usage(self): """SSL socket.sendall() busy loop https://bitbucket.org/eventlet/eventlet/issue/134/greenssl-performance-issues Idea of this test is to check that GreenSSLSocket.sendall() does not busy loop retrying .send() calls, but instead trampolines until socket is writeable. BUFFER_SIZE and SENDALL_SIZE are magic numbers inferred through trial and error. """ # Time limit resistant to busy loops self.set_alarm(1) stage_1 = eventlet.event.Event() BUFFER_SIZE = 1000 SENDALL_SIZE = 100000 def serve(listener): conn, _ = listener.accept() conn.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, BUFFER_SIZE) self.assertEqual(conn.read(8), 'request') conn.write('response') stage_1.wait() conn.sendall('x' * SENDALL_SIZE) server_sock = listen_ssl_socket() server_coro = eventlet.spawn(serve, server_sock) client_sock = eventlet.connect(server_sock.getsockname()) client_sock.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, BUFFER_SIZE) client = util.wrap_ssl(client_sock) client.write('request') self.assertEqual(client.read(8), 'response') stage_1.send() check_idle_cpu_usage(0.2, 0.1) server_coro.kill()
def ssl(sock, certificate=None, private_key=None): from eventlet import util wrapped = util.wrap_ssl(sock, certificate, private_key) return GreenSSLObject(wrapped)
import eventlet import socket from eventlet import util import os certfile = "/home/hill/git/ospaas/examples/pki/certs/ssl_cert.pem" keyfile = "/home/hill/git/ospaas/examples/pki/private/ssl_key.pem" def listen_ssl_socket(address=('127.0.0.1', 0)): sock = util.wrap_ssl(socket.socket(), certfile, keyfile, True) sock.bind(address) sock.listen(5000) return sock def serve(listener): sock, addr = listener.accept() stuff = sock.read(8192) sock.write('response') sock = listen_ssl_socket() server_coro = eventlet.spawn(serve, sock) client = util.wrap_ssl(eventlet.connect(('127.0.0.1', sock.getsockname()[1]))) client.write('line 1\r\nline 2\r\n\r\n') print client.read(8192) server_coro.wait()