pytest/test_random_close: use new proxy

parent 02e4754d
../rehandshake/Makefile
\ No newline at end of file
../../../lib/generic/array.h
\ No newline at end of file
../rehandshake/tcp-proxy.c
\ No newline at end of file
../rehandshake/tcp-proxy.h
\ No newline at end of file
../rehandshake/tcproxy.c
\ No newline at end of file
This diff is collapsed.
../rehandshake/tls-proxy.h
\ No newline at end of file
#include <stdio.h>
#include "tls-proxy.h"
#include <gnutls/gnutls.h>
int main()
{
struct tls_proxy_ctx *proxy = tls_proxy_allocate();
if (!proxy) {
fprintf(stderr, "can't allocate tls_proxy structure\n");
return 1;
}
int res = tls_proxy_init(proxy,
"127.0.0.1", 54021, /* Address to listen */
"127.0.0.1", 54010, /* Upstream address */
"../certs/tt.cert.pem",
"../certs/tt.key.pem");
if (res) {
fprintf(stderr, "can't initialize tls_proxy structure\n");
return res;
}
res = tls_proxy_start_listen(proxy);
if (res) {
fprintf(stderr, "error starting listen, error code: %i\n", res);
return res;
}
fprintf(stdout, "started...\n");
res = tls_proxy_run(proxy);
tls_proxy_free(proxy);
return res;
}
......@@ -41,6 +41,8 @@ policy.add(policy.all(
policy.add(policy.suffix(policy.PASS, {todname('test.')}))
{% endif %}
-- make sure DNSSEC is turned off for tests
trust_anchors.keyfile_default = nil
modules.unload("ta_signal_query")
modules.unload("priming")
modules.unload("detect_time_skew")
"""TLS test when forward target closes connection after one second
Test utilizes random_close/tls-proxy, which forwards queries to configured
Test utilizes TLS proxy, which forwards queries to configured
resolver, but closes the connection 1s after establishing.
Kresd must stay alive and be able to answer queries.
Make sure to run `make all` in `random_close/` to compile the proxy.
"""
import os
import random
import string
import time
import pytest
from kresd import Forward, make_kresd, PYTESTS_DIR
import proxyutils
from proxy import HINTS, kresd_tls_client, resolve_hint, TLSProxy
import utils
PROXY_PATH = os.path.join(PYTESTS_DIR, 'random_close', 'tlsproxy')
QPS = 500
......@@ -41,29 +33,21 @@ def rsa_cannon(sock, duration, domain='test.', qps=QPS):
time.sleep(time_left)
@pytest.mark.skipif(not os.path.exists(PROXY_PATH),
reason="{} not found (did you compile it?)".format(PROXY_PATH))
def test_proxy_random_close(tmpdir):
# run forward target instance
workdir = os.path.join(str(tmpdir), 'kresd_fwd_target')
os.makedirs(workdir)
with make_kresd(workdir, hints=proxyutils.HINTS, port=54010,
verbose=False) as kresd_fwd_target:
sock = kresd_fwd_target.ip_tls_socket()
proxyutils.resolve_hint(sock, list(proxyutils.HINTS.keys())[0])
with proxyutils.proxy(PROXY_PATH):
# run test kresd instance
workdir2 = os.path.join(str(tmpdir), 'kresd')
os.makedirs(workdir2)
forward = Forward(
proto='tls', ip='127.0.0.1', port=54021,
hostname='transport-test-server.com', ca_file=proxyutils.PROXY_CA_FILE)
with make_kresd(workdir2, forward=forward, policy_test_pass=True,
verbose=False) as kresd:
proxy = TLSProxy(close=1000)
kresd_tls_client_kwargs = {
'verbose': False,
'policy_test_pass': True
}
kresd_fwd_target_kwargs = {
'verbose': False
}
with kresd_tls_client(str(tmpdir), proxy, kresd_tls_client_kwargs, kresd_fwd_target_kwargs) \
as kresd:
sock2 = kresd.ip_tcp_socket()
rsa_cannon(sock2, 20)
sock3 = kresd.ip_tcp_socket()
for hint in proxyutils.HINTS:
proxyutils.resolve_hint(sock3, hint)
for hint in HINTS:
resolve_hint(sock3, hint)
time.sleep(0.1)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment