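if __name__ == "__main__":
    # Integration test: a client presenting a certificate signed by the
    # trusted root and carrying the allowed OU (client1) must be able to
    # send through the tunnel in both directions, and closing the client
    # side must close the server side as well.
    ghostunnel = None
    try:
        # Step 1: create certs -- a root CA plus 'server' and 'client1'
        # leaf certs signed by it (no other identities are used here).
        create_root_cert('root')
        create_signed_cert('server', 'root')
        create_signed_cert('client1', 'root')

        # Step 2: start ghostunnel
        # NOTE(review): the keystore password travels on the command line,
        # where any local user can read it from the process list. Acceptable
        # for a throwaway test cert; not a pattern to copy elsewhere.
        # NOTE(review): nothing here waits for the listener on 13001 to be
        # up before Step 3 connects -- presumably SocketPair retries; confirm.
        ghostunnel = Popen([
            '../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
            '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12',
            '--storepass='******'--cacert=root.crt', '--allow-ou=client1'
        ])

        # Step 3: connect with client1, confirm that the tunnel is up
        pair = SocketPair('client1', 13001, 13000)
        pair.validate_can_send_from_client("hello world",
                                           "1: client -> server")
        pair.validate_can_send_from_server("hello world",
                                           "1: server -> client")
        pair.validate_closing_client_closes_server(
            "1: client closed -> server closed")

        print_ok("OK")
    finally:
        # Always remove the generated key material, even on a failed assert.
        cleanup_certs(['root', 'server', 'client1'])
        if ghostunnel is not None:
            ghostunnel.kill()
            # Reap the child so it does not linger as a zombie and so the
            # next test in the suite starts from a known-dead tunnel.
            ghostunnel.wait()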
        # NOTE(review): from here down the text reads as the body of a second,
        # separate test (keystore reload via SIGUSR1) that was pasted after
        # the cleanup block above; its own try/finally wrapper is not visible,
        # so treat this as a cut fragment rather than part of the cleanup.
        # Step 1: create certs -- 'new_server' is the replacement identity
        # that the reload below swaps in for 'server'.
        create_root_cert('root')
        create_signed_cert('server', 'root')
        create_signed_cert('new_server', 'root')
        create_signed_cert('client1', 'root')

        # Step 2: start ghostunnel
        # The extra --status endpoint on 13100 is presumably what
        # wait_for_cert() below polls to learn when the new cert is live.
        ghostunnel = Popen([
            '../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
            '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12',
            '--storepass='******'--cacert=root.crt', '--allow-ou=client1',
            '--status={0}:13100'.format(LOCALHOST)
        ])

        # Step 3: create connections with client1
        # pair1 is opened *before* the reload so that Step 5 can check that
        # an already-established tunnel survives a keystore swap.
        pair1 = SocketPair('client1', 13001, 13000)
        pair1.validate_can_send_from_client("toto", "pair1 works")
        pair1.validate_tunnel_ou("server", "pair1 -> ou=server")

        # Replace keystore and trigger reload
        # os.rename() is atomic on POSIX (same filesystem), so the tunnel
        # never sees a half-written keystore; SIGUSR1 then asks it to reload.
        os.rename('new_server.p12', 'server.p12')
        ghostunnel.send_signal(signal.SIGUSR1)
        wait_for_cert(13100, 'new_server.crt')

        # Step 4: create connections with client1
        # A connection made after the reload must present the new server OU.
        pair2 = SocketPair('client1', 13001, 13000)
        pair2.validate_can_send_from_client("toto", "pair2 works")
        pair2.validate_tunnel_ou("new_server", "pair2 -> ou=new_server")

        # Step 5: ensure that pair1 is still alive
        # The pre-reload connection must not have been torn down by the swap.
        pair1.validate_can_send_from_client("toto", "pair1 still works")
    # NOTE(review): this is a third, differently indented fragment -- the
    # access-control test -- with no visible enclosing try/finally; it ends
    # at a bare `try:` whose body is cut off.
    # Step 1: create certs. Two trust domains: 'root' signs the identities
    # the tunnel trusts, 'other_root' signs one it must not.
    create_root_cert('root')
    create_signed_cert('server', 'root')
    create_signed_cert('client1', 'root')
    create_signed_cert('client2', 'root')

    create_root_cert('other_root')
    create_signed_cert('other_client1', 'other_root')

    # Step 2: start ghostunnel
    # Only certs chaining to root.crt *and* carrying ou=client1 are allowed.
    ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
      '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12',
      '--storepass='******'--cacert=root.crt', '--allow-ou=client1'])

    # Step 3: connect with client1, confirm that the tunnel is up
    pair = SocketPair('client1', 13001, 13000)
    pair.validate_can_send_from_client("hello world", "1: client -> server")
    pair.validate_can_send_from_server("hello world", "1: server -> client")
    pair.validate_closing_client_closes_server("1: client closed -> server closed")

    # Step 4: connect with client2, confirm that the tunnel isn't up
    # client2 is signed by the trusted root but (judging by how names map to
    # OUs in validate_tunnel_ou) has the wrong OU, so authorization must fail.
    # The raise inside the try is intentional: if SocketPair succeeds, the
    # Exception is not a socket.timeout and propagates as a test failure.
    try:
      pair = SocketPair('client2', 13001, 13000)
      raise Exception('failed to reject client2')
    except socket.timeout:
      # TODO: this should be a ssl.SSLError, but ends up being a timeout. Figure
      # out why.
      # NOTE(review): accepting only a timeout means a hung or unresponsive
      # tunnel would also "pass" this negative check; the ssl.SSLError the
      # TODO asks for would be the stronger, unambiguous assertion.
      print_ok("client2 correctly rejected")

    # Step 5: connect with other_client1, confirm that the tunnel isn't
    # up
    # other_client1 chains to other_root, which is not the --cacert, so the
    # handshake itself should fail regardless of OU. Body is cut off below.
    try:
  # NOTE(review): fourth fragment -- an older variant of the keystore reload
  # test (no --status endpoint, fixed sleep instead of polling). The `try:`
  # has no visible `finally:`, so cleanup of the tunnel and certs is cut off.
  ghostunnel = None
  try:
    # Step 1: create certs
    # 'new_server' is the replacement identity swapped in by the reload.
    create_root_cert('root')
    create_signed_cert('server', 'root')
    create_signed_cert('new_server', 'root')
    create_signed_cert('client1', 'root')

    # Step 2: start ghostunnel
    ghostunnel = Popen(['../ghostunnel', '--listen={0}:13001'.format(LOCALHOST),
      '--target={0}:13000'.format(LOCALHOST), '--keystore=server.p12',
      '--storepass='******'--cacert=root.crt', '--allow-ou=client1'])

    # Step 3: create connections with client1
    # Opened before the reload so Step 5 can show the connection survives it.
    pair1 = SocketPair('client1', 13001, 13000)
    pair1.validate_can_send_from_client("toto", "pair1 works")
    pair1.validate_tunnel_ou("server", "pair1 -> ou=server")

    # Replace keystore and trigger reload
    # Atomic rename, then SIGUSR1 asks ghostunnel to re-read server.p12.
    os.rename('new_server.p12', 'server.p12')
    ghostunnel.send_signal(signal.SIGUSR1)
    # NOTE(review): a fixed 10s sleep makes this timing-dependent -- too
    # short on a loaded CI host and the pair2 OU check below fails
    # spuriously, too long and the suite is slow. The --status variant of
    # this test polls with wait_for_cert() instead, which is deterministic.
    time.sleep(10)

    # Step 4: create connections with client1
    # A fresh connection after the reload must present the new server OU.
    pair2 = SocketPair('client1', 13001, 13000)
    pair2.validate_can_send_from_client("toto", "pair2 works")
    pair2.validate_tunnel_ou("new_server", "pair2 -> ou=new_server")

    # Step 5: ensure that pair1 is still alive
    pair1.validate_can_send_from_client("toto", "pair1 still works")