received_metrics = None class FakeMetricsBridgeHandler(http.server.BaseHTTPRequestHandler): def do_POST(self): global received_metrics print_ok("handling POST to fake bridge") length = int(self.headers['Content-Length']) received_metrics = json.loads(self.rfile.read(length).decode('utf-8')) if __name__ == "__main__": ghostunnel = None try: # Step 1: create certs create_root_cert('root') create_signed_cert('server', 'root') create_signed_cert('new_server', 'root') create_signed_cert('client1', 'root') httpd = http.server.HTTPServer(('localhost',13080), FakeMetricsBridgeHandler) server = threading.Thread(target=httpd.handle_request) server.start() # Step 2: start ghostunnel ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST), '--target={0}:13100'.format(LOCALHOST), '--keystore=server.p12', '--storepass='******'--cacert=root.crt', '--allow-ou=client1', '--status={0}:13100'.format(LOCALHOST), '--metrics-url=http://localhost:13080/post']) # Step 3: wait for metrics to post for i in range(0, 10):
#!/usr/local/bin/python # Creates a ghostunnel. Ensures when client disconnects that the server # connection also disconnects. from subprocess import Popen from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs import socket, ssl if __name__ == "__main__": ghostunnel = None try: # Step 1: create certs # root, ou=server, ou=client, ou=other_client create_root_cert('root') create_signed_cert('server', 'root') create_signed_cert('client1', 'root') # Step 2: start ghostunnel ghostunnel = Popen([ '../ghostunnel', '--listen={0}:13001'.format(LOCALHOST), '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12', '--storepass='******'--cacert=root.crt', '--allow-ou=client1' ]) # Step 3: connect with client1, confirm that the tunnel is up pair = SocketPair('client1', 13001, 13000) pair.validate_can_send_from_client("hello world", "1: client -> server") pair.validate_can_send_from_server("hello world", "1: server -> client")
#!/usr/bin/env python3 # Creates a ghostunnel. Ensures client1 can connect but that clients with # ou=client2 or ca=other_root can't connect. from subprocess import Popen from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs import socket, ssl if __name__ == "__main__": ghostunnel = None try: # Step 1: create certs create_root_cert('root') create_signed_cert('server', 'root') create_signed_cert('client1', 'root') create_signed_cert('client2', 'root') create_root_cert('other_root') create_signed_cert('other_client1', 'other_root') # Step 2: start ghostunnel ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST), '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12', '--storepass='******'--cacert=root.crt', '--allow-ou=client1']) # Step 3: connect with client1, confirm that the tunnel is up pair = SocketPair('client1', 13001, 13000) pair.validate_can_send_from_client("hello world", "1: client -> server") pair.validate_can_send_from_server("hello world", "1: server -> client") pair.validate_closing_client_closes_server("1: client closed -> server closed")
p.validate_closing_client_closes_server( "{0} client close -> server close".format(i)) else: p.validate_closing_server_closes_client( "{0} server close -> client close".format(i)) if __name__ == "__main__": ghostunnel = None n_clients = 10 certs = ['root', 'server'] allow_ou = [] try: # Step 1: create certs create_root_cert('root') create_signed_cert('server', 'root') for i in range(1, n_clients): create_signed_cert("client{0}".format(i), 'root') certs.append("client{0}".format(i)) allow_ou.append("--allow-ou=client{0}".format(i)) # Step 2: start ghostunnel ghostunnel = Popen([ '../ghostunnel', '--listen={0}:13001'.format( LOCALHOST), '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12', '--storepass='******'--cacert=root.crt' ] + allow_ou) # Step 3: clients should be able to communicate all at the same time. proc = [] for i in range(1, n_clients):
#!/usr/local/bin/python # Creates a ghostunnel. Ensures that /_status endpoint works. from subprocess import Popen from test_common import create_root_cert, create_signed_cert, LOCALHOST, SocketPair, print_ok, cleanup_certs import urllib2, socket, ssl, time, os, signal, json if __name__ == "__main__": ghostunnel = None try: # Step 1: create certs create_root_cert("root") create_signed_cert("server", "root") create_signed_cert("new_server", "root") create_signed_cert("client1", "root") # Step 2: start ghostunnel ghostunnel = Popen( [ "../ghostunnel", "--listen={0}:13001".format(LOCALHOST), "--target={0}:13100".format(LOCALHOST), "--keystore=server.p12", "--storepass="******"--cacert=root.crt", "--allow-ou=client1", "--status-port=13100", ] )
r = random.random() if r < 0.5: p.validate_closing_client_closes_server("{0} client close -> server close".format(i)) else: p.validate_closing_server_closes_client("{0} server close -> client close".format(i)) if __name__ == "__main__": ghostunnel = None n_clients = 10 certs = ['root', 'server'] allow_ou = [] try: # Step 1: create certs create_root_cert('root') create_signed_cert('server', 'root') for i in range(1, n_clients): create_signed_cert("client{0}".format(i), 'root') certs.append("client{0}".format(i)) allow_ou.append("--allow-ou=client{0}".format(i)) # Step 2: start ghostunnel ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST), '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12', '--storepass='******'--cacert=root.crt'] + allow_ou) # Step 3: clients should be able to communicate all at the same time. proc = [] for i in range(1, n_clients): pair = SocketPair("client{0}".format(i), 13001, 13000) p = Process(target=send_data, args=(i,pair,))