Archive more little test scripts

svn path=/scripts/rootd.yaml; revision=1489

1 files changed, 45 insertions, 0 deletions

diff --git a/scripts/test-pow-tls.py b/scripts/test-pow-tls.py
new file mode 100644
index 00000000..8afccbbb
--- /dev/null
+++ b/scripts/test-pow-tls.py
@@ -0,0 +1,45 @@
+# $Id$
+
+# Grope towards testing TLS functionality in POW
+
+# openssl s_server -tls1 -Verify 9 -cert biz-certs/Alice-EE.cer -key biz-certs/Alice-EE.key -www -CApath biz-certs -chain
+
+# openssl s_client -connect localhost:4433 -tls1 -cert biz-certs/Bob-EE.cer -key biz-certs/Bob-EE.key -verify 9 -CApath biz-certs -crlf
+
+import POW, socket
+
+def pow_error_iterator():
+  err = POW.getError()
+  if err is None:
+    raise StopIteration
+  else:
+    yield err
+
+key = POW.pemRead(POW.RSA_PRIVATE_KEY,  open("biz-certs/Bob-EE.key").read())
+cer = POW.pemRead(POW.X509_CERTIFICATE, open("biz-certs/Bob-EE.cer").read())
+ca  = POW.pemRead(POW.X509_CERTIFICATE, open("biz-certs/Bob-CA.cer").read())
+
+s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+s.connect(("localhost", 4433))
+
+try:
+  t = POW.Ssl(POW.TLSV1_CLIENT_METHOD)
+  t.useCertificate(cer)
+  t.useKey(key)
+  t.addCertificate(ca)
+  t.setFd(s.fileno())
+  t.connect()
+  x = t.peerCertificate()
+  if x is not None:
+    print "Peer", x.pprint()
+  t.write("GET / HTTP/1.0\r\n")
+  if False:
+    print t.read(10000)
+  else:
+    while True:
+      print t.read()
+except:
+  print "ERROR:"
+  for e in pow_error_iterator():
+    print e
+  raise