pytest/test_random_close: use new proxy

parent 02e4754d
../rehandshake/Makefile
\ No newline at end of file
../../../lib/generic/array.h
\ No newline at end of file
../rehandshake/tcp-proxy.c
\ No newline at end of file
../rehandshake/tcp-proxy.h
\ No newline at end of file
../rehandshake/tcproxy.c
\ No newline at end of file
This diff is collapsed.
../rehandshake/tls-proxy.h
\ No newline at end of file
#include <stdio.h>
#include "tls-proxy.h"
#include <gnutls/gnutls.h>
int main()
{
struct tls_proxy_ctx *proxy = tls_proxy_allocate();
if (!proxy) {
fprintf(stderr, "can't allocate tls_proxy structure\n");
return 1;
}
int res = tls_proxy_init(proxy,
"127.0.0.1", 54021, /* Address to listen */
"127.0.0.1", 54010, /* Upstream address */
"../certs/tt.cert.pem",
"../certs/tt.key.pem");
if (res) {
fprintf(stderr, "can't initialize tls_proxy structure\n");
return res;
}
res = tls_proxy_start_listen(proxy);
if (res) {
fprintf(stderr, "error starting listen, error code: %i\n", res);
return res;
}
fprintf(stdout, "started...\n");
res = tls_proxy_run(proxy);
tls_proxy_free(proxy);
return res;
}
...@@ -41,6 +41,8 @@ policy.add(policy.all( ...@@ -41,6 +41,8 @@ policy.add(policy.all(
policy.add(policy.suffix(policy.PASS, {todname('test.')})) policy.add(policy.suffix(policy.PASS, {todname('test.')}))
{% endif %} {% endif %}
-- make sure DNSSEC is turned off for tests
trust_anchors.keyfile_default = nil
modules.unload("ta_signal_query") modules.unload("ta_signal_query")
modules.unload("priming") modules.unload("priming")
modules.unload("detect_time_skew") modules.unload("detect_time_skew")
"""TLS test when forward target closes connection after one second """TLS test when forward target closes connection after one second
Test utilizes random_close/tls-proxy, which forwards queries to configured Test utilizes TLS proxy, which forwards queries to configured
resolver, but closes the connection 1s after establishing. resolver, but closes the connection 1s after establishing.
Kresd must stay alive and be able to answer queries. Kresd must stay alive and be able to answer queries.
Make sure to run `make all` in `random_close/` to compile the proxy.
""" """
import os
import random import random
import string import string
import time import time
import pytest from proxy import HINTS, kresd_tls_client, resolve_hint, TLSProxy
from kresd import Forward, make_kresd, PYTESTS_DIR
import proxyutils
import utils import utils
PROXY_PATH = os.path.join(PYTESTS_DIR, 'random_close', 'tlsproxy')
QPS = 500 QPS = 500
...@@ -41,29 +33,21 @@ def rsa_cannon(sock, duration, domain='test.', qps=QPS): ...@@ -41,29 +33,21 @@ def rsa_cannon(sock, duration, domain='test.', qps=QPS):
time.sleep(time_left) time.sleep(time_left)
@pytest.mark.skipif(not os.path.exists(PROXY_PATH),
reason="{} not found (did you compile it?)".format(PROXY_PATH))
def test_proxy_random_close(tmpdir): def test_proxy_random_close(tmpdir):
# run forward target instance proxy = TLSProxy(close=1000)
workdir = os.path.join(str(tmpdir), 'kresd_fwd_target')
os.makedirs(workdir) kresd_tls_client_kwargs = {
'verbose': False,
with make_kresd(workdir, hints=proxyutils.HINTS, port=54010, 'policy_test_pass': True
verbose=False) as kresd_fwd_target: }
sock = kresd_fwd_target.ip_tls_socket() kresd_fwd_target_kwargs = {
proxyutils.resolve_hint(sock, list(proxyutils.HINTS.keys())[0]) 'verbose': False
}
with proxyutils.proxy(PROXY_PATH): with kresd_tls_client(str(tmpdir), proxy, kresd_tls_client_kwargs, kresd_fwd_target_kwargs) \
# run test kresd instance as kresd:
workdir2 = os.path.join(str(tmpdir), 'kresd') sock2 = kresd.ip_tcp_socket()
os.makedirs(workdir2) rsa_cannon(sock2, 20)
forward = Forward( sock3 = kresd.ip_tcp_socket()
proto='tls', ip='127.0.0.1', port=54021, for hint in HINTS:
hostname='transport-test-server.com', ca_file=proxyutils.PROXY_CA_FILE) resolve_hint(sock3, hint)
with make_kresd(workdir2, forward=forward, policy_test_pass=True, time.sleep(0.1)
verbose=False) as kresd:
sock2 = kresd.ip_tcp_socket()
rsa_cannon(sock2, 20)
sock3 = kresd.ip_tcp_socket()
for hint in proxyutils.HINTS:
proxyutils.resolve_hint(sock3, hint)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment