author | Rob Austein <sra@hactrn.net> | 2008-07-15 17:38:45 +0000 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2008-07-15 17:38:45 +0000 |
commit | 8f8a7ea81035f9230c2b27588cb1548279d938b8 (patch) | |
tree | e1dc812ab16793b7f5f36c4b4fb5f18197625de2 /scripts/test-pow-tls.py | |
parent | 9d7bc8e2696d4616b5c73fe6f88d2e0c5dc9e545 (diff) |
Rename a couple of scripts whose names confuse Doxygen. Clean some of
the old test code out of rpkid/ to make real code easier to find.
svn path=/rpkid/Doxyfile; revision=1995
Diffstat (limited to 'scripts/test-pow-tls.py')
-rw-r--r-- | scripts/test-pow-tls.py | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/scripts/test-pow-tls.py b/scripts/test-pow-tls.py
new file mode 100644
index 00000000..bc9ea9a0
--- /dev/null
+++ b/scripts/test-pow-tls.py
@@ -0,0 +1,61 @@
+"""
+Grope towards testing TLS functionality in POW
+
+$Id$
+
+Copyright (C) 2008 American Registry for Internet Numbers ("ARIN")
+
+Permission to use, copy, modify, and distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.
+"""
+
+# openssl s_server -tls1 -Verify 9 -cert biz-certs/Alice-EE.cer -key biz-certs/Alice-EE.key -www -CApath biz-certs -chain
+
+# openssl s_client -connect localhost:4433 -tls1 -cert biz-certs/Bob-EE.cer -key biz-certs/Bob-EE.key -verify 9 -CApath biz-certs -crlf
+
+import POW, socket
+
+def pow_error_iterator():
+ err = POW.getError()
+ if err is None:
+ raise StopIteration
+ else:
+ yield err
+
+key = POW.pemRead(POW.RSA_PRIVATE_KEY, open("biz-certs/Bob-EE.key").read())
+cer = POW.pemRead(POW.X509_CERTIFICATE, open("biz-certs/Bob-EE.cer").read())
+ca = POW.pemRead(POW.X509_CERTIFICATE, open("biz-certs/Bob-CA.cer").read())
+
+s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+s.connect(("localhost", 4433))
+
+try:
+ t = POW.Ssl(POW.TLSV1_CLIENT_METHOD)
+ t.useCertificate(cer)
+ t.useKey(key)
+ t.addCertificate(ca)
+ t.setFd(s.fileno())
+ t.connect()
+ x = t.peerCertificate()
+ if x is not None:
+ print "Peer", x.pprint()
+ t.write("GET / HTTP/1.0\r\n")
+ if False:
+ print t.read(10000)
+ else:
+ while True:
+ print t.read()
+except:
+ print "ERROR:"
+ for e in pow_error_iterator():
+ print e
+ raise |
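Review bot: Nothing in the `try:` block checks the server's certificate: the result of `t.peerCertificate()` is only printed when present, and the request is written whether or not `x` is `None`, so as written this test would appear to pass against any TLS server listening on port 4433. Whether `t.addCertificate(ca)` makes `Bob-CA.cer` a trust anchor or merely adds it to the chain the client sends cannot be told from this hunk; unless POW verifies the peer inside `connect()`, the script should at least fail closed with `if x is None: raise RuntimeError("no peer certificate")` and carry a comment such as `# peer certificate is displayed here, not validated against biz-certs`. Separately, `pow_error_iterator()` tests `err` with a single `if` rather than looping, so the `except:` handler prints at most one error; assuming `POW.getError()` returns successive queued errors until `None`, `for err in iter(POW.getError, None): yield err` would report all of them.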