Пример #1
0
    def setUp(self):
        super(MalloryTest, self).setUp()
        self.client = test.MalloryClient(10001, self)
        echo_app = tornado.web.Application([(r"/.*", test.EchoRequestHandler)])

        self.echo_http_server = tornado.httpserver.HTTPServer(
            echo_app,
            ssl_options={
                "certfile": "test/ssl/echo_server/server.crt",
                "keyfile": "test/ssl/echo_server/server.key",
            })
        self.echo_http_server.listen(10000, address="127.0.0.1")

        http_request_options = {
            "ca_certs": "test/ssl/ca/ca.crt",
            "request_timeout": 0.5
        }
        ssl_options = {
            "certfile": "test/ssl/mallory/server.crt",
            "keyfile": "test/ssl/mallory/server.key"
        }

        self.mallory_server = mallory.Server(
            proxy_to="https://127.0.0.1:10000",
            http_request_options=http_request_options,
            port=10001,
            ssl_options=ssl_options)

        self.mallory_server.start()
Пример #2
0
    def test_error_handling(self):
        http_request_options = {
            "ca_certs": "test/ssl/ca/ca.crt",
            "request_timeout": 0.5
        }
        mallory_server = mallory.Server(
            proxy_to="https://127.0.0.1:10001",
            port=10002,
            http_request_options=http_request_options,
            ssl_options={
                "certfile": "test/ssl/mallory/server.crt",
                "keyfile": "test/ssl/mallory/server.key"
            })
        mallory_server.start()

        http_client = tornado.httpclient.AsyncHTTPClient()
        http_client.fetch("https://127.0.0.1:10002/",
                          self.stop,
                          method="HEAD",
                          ca_certs="test/ssl/mallory/server.crt")
        response = self.wait()

        mallory_server.stop()

        self.assertEqual(502, response.code)
Пример #3
0
def start(args):
    parser = optparse.OptionParser(usage="mallory [options] target")
    parser.add_option("-p", "--port", dest="port", default=9000)
    parser.add_option("--verify-ca-cert",
                      dest="ca_cert",
                      help="CA certificate to verify on backend")
    parser.add_option("--ssl-key",
                      dest="ssl_key",
                      help="Private key for serving SSL")
    parser.add_option("--ssl-cert",
                      dest="ssl_cert",
                      help="Certificate for serving SSL")
    parser.add_option("--proxy-request-timeout",
                      dest="proxy_request_timeout",
                      default=20,
                      type="float",
                      help="Proxy timeout in seconds")
    parser.add_option("--client-key",
                      dest="client_key",
                      help="Private key for client certificate")
    parser.add_option("--client-cert",
                      dest="client_cert",
                      help="Certificate for client authentication")

    (options, params) = parser.parse_args(args)

    mallory.logs.setup()

    ssl_options = {"certfile": options.ssl_cert, "keyfile": options.ssl_key}

    http_request_options = {
        "client_cert": options.client_cert,
        "client_key": options.client_key,
        "request_timeout": options.proxy_request_timeout
    }

    if options.ca_cert:
        http_request_options["ca_certs"] = options.ca_cert
    else:
        http_request_options["validate_cert"] = False

    server = mallory.Server(proxy_to=params[0],
                            port=options.port,
                            ssl_options=ssl_options,
                            http_request_options=http_request_options)

    handle_interrupt(server)

    logging.info("starting mallory on port %s" % options.port)
    server.start()

    tornado.ioloop.IOLoop.instance().start()