ssl patch by aaron b. applied.

test stuff for ssl added
lipp · Jan 17, 2012 · a4d376c · a4d376c
1 parent f5a2307
commit a4d376c
Show file tree

Hide file tree

Showing 8 changed files with 112 additions and 10 deletions.
diff --git a/tango/client/socket.lua b/tango/client/socket.lua
@@ -6,6 +6,8 @@ local proxy = require'tango.proxy'
 local send_message = require'tango.utils.socket_message'.send
 local receive_message = require'tango.utils.socket_message'.receive
 local default = require'tango.config'.client_default
+local require = require 
+local ssl = nil
 
 module('tango.client.socket')
 
@@ -15,6 +17,13 @@ connect =
     config.timeout = config.timeout or 5000
     config.address = config.address or 'localhost'
     config.port = config.port or 12345
+    if config.sslparams then 
+      ok,ssl = pcall(require,'ssl')
+      if not ok then
+        error(ssl)
+      end
+    end
+
     local sock = socket.tcp()
     sock:settimeout(config.timeout)
     sock:setoption('tcp-nodelay',true)
@@ -23,6 +32,16 @@ connect =
     if not connected then
       error(err)
     end      
+
+    if config.sslparams then
+      sock = ssl.wrap(sock, config.sslparams)
+      ok,message = sock:dohandshake()
+      if not ok then
+        error('tango ssl handshake failed with: ' .. message)
+        return
+      end
+    end
+
     local serialize = config.serialize
     local unserialize = config.unserialize
     local close_and_rethrow = 

diff --git a/tango/server/copas_socket.lua b/tango/server/copas_socket.lua
@@ -2,11 +2,14 @@ local socket = require'socket'
 local copas = require'copas'
 local coxpcall = require'coxpcall'
 local copcall = copcall
+local pcall = pcall
 local print = print
 local send_message = require'tango.utils.socket_message'.send
 local receive_message = require'tango.utils.socket_message'.receive
 local dispatcher = require'tango.dispatcher'
 local default = require'tango.config'.server_default
+local require = require 
+local ssl = nil
 
 module('tango.server.copas_socket')
 
@@ -16,13 +19,34 @@ new =
     config.pcall = copcall
     config.interface = config.interface or '*'
     config.port = config.port or 12345
+    config.ssl_timeout = config.ssl_timeout or 10
+
+    if config.sslparams then 
+      ok,ssl = pcall(require,'ssl')
+      if not ok then
+        error(ssl)
+      end
+    end
+
     local request_loop = 
       function(sock)
         sock:setoption('tcp-nodelay',true)
+
+        if config.sslparams then
+          sock = ssl.wrap(sock, config.sslparams)
+          sock:settimeout(config.ssl_timeout, 't')
+          ok,message = sock:dohandshake()
+          if not ok then
+            print('tango ssl handshake failed with:' .. message)
+            return
+          end
+        end
+
         local wrapsock = copas.wrap(sock)        
         local dispatcher = dispatcher.new(config)        
         local serialize = config.serialize
         local unserialize = config.unserialize        
+
         local ok,err = copcall(
           function()
             while true do

diff --git a/test.lua b/test.lua
@@ -5,6 +5,7 @@ local run_client_test =
    end
 
 run_client_test('copas_socket','socket')
+run_client_test('copas_socket','socket','ssl')
 run_client_test('ev_socket','socket')
 run_client_test('zmq','zmq')
 

diff --git a/test_client.lua b/test_client.lua
@@ -1,16 +1,24 @@
 local server_backend = arg[1]
 local client_backend = arg[2]
+local option = arg[3]
 
 local tango = require'tango'
+local config = {}
+if option then
+  if option == 'ssl' then
+    config.sslparams = require'test_ssl_config'.client
+  end
+end
+
 local connect = tango.client[client_backend].connect
 
 local spawn_server = 
   function(backend,access_str)
     local cmd = [[
-        lua test_server.lua >test_server.log %s %s &
+        lua test_server.lua %s %s %s &
         echo $!            
     ]]
-    cmd = cmd:format(backend,access_str)
+    cmd = cmd:format(backend,access_str,option or '')
     local process = io.popen(cmd)
     local pid = process:read()
     if backend ~= 'zmq' then
@@ -42,12 +50,15 @@ local test = function(txt,f)
              end
 
 local server = spawn_server(server_backend,'rw')
-local client = connect()
+local client = connect(config)
 
 print('==============================')
 print('running tests with:')
 print('server backend:',server_backend)
 print('client backend:',client_backend)
+if option then
+  print('option:',option)
+end
 print('------------------------------')
 
 test('add test',
@@ -130,7 +141,7 @@ test('accessing not existing tables causes error',
 
 server:kill()
 server = spawn_server(server_backend,'r')
-client = connect()
+client = connect(config)
 
 test('reading remote variable',
      function()         
@@ -149,7 +160,7 @@ test('writing remote variable causes error',
 
 server:kill()
 server = spawn_server(server_backend,'w')
-client = connect()
+client = connect(config)
 
 test('reading remote variable causes error',
      function()

diff --git a/test_server.cert b/test_server.cert
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIB0DCCAXoCCQCHQGKIXEEwbTANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJV
+UzERMA8GA1UECBMIS2VudHVja3kxEzARBgNVBAcTCkxvdWlzdmlsbGUxHTAbBgNV
+BAoTFE5vbi1FeGlzdGFudC1PcmcgTExDMRkwFwYDVQQDExB0YW5nby1zc2wgc2Vy
+dmVyMB4XDTEyMDExNjE1NTM1NFoXDTIyMDExMzE1NTM1NFowbzELMAkGA1UEBhMC
+VVMxETAPBgNVBAgTCEtlbnR1Y2t5MRMwEQYDVQQHEwpMb3Vpc3ZpbGxlMR0wGwYD
+VQQKExROb24tRXhpc3RhbnQtT3JnIExMQzEZMBcGA1UEAxMQdGFuZ28tc3NsIHNl
+cnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCdXDL4evQkkaK1XjUAPyzFVM7x
+/U6pDokZwTdXutuV0hyda32REGi7gBurQzYRMRQQXnW9S0Y0/Lq0G+yEHIY5AgMB
+AAEwDQYJKoZIhvcNAQEFBQADQQAJHqSYxM/xhvwRHXpkDJk8TNkvE5IpP6PBqRX9
+T+QLXsep3Yng6kOcJQErsWphu9168fXjLdjAfZGPktER/IC/
+-----END CERTIFICATE-----
diff --git a/test_server.key b/test_server.key
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJBAJ1cMvh69CSRorVeNQA/LMVUzvH9TqkOiRnBN1e625XSHJ1rfZEQ
+aLuAG6tDNhExFBBedb1LRjT8urQb7IQchjkCAwEAAQJAe5/2j04RRjWALZrAatw2
+8SSKnIST6q73uNsZ/ntXjeBTcXst2rJCULlgKD+VLtLWyWja025kuzCcX9HXagPe
+XQIhANBuURuIcCB6J1qfuwDvWHUToBDuHdlWTeOgFX9A1sazAiEAwUYL3NdG8/Kr
+VPAbakwTCRnpeeJ89COBZut2Hpq7FWMCIF5LWjQ7kIaQ3Nb55m8w2PL2cvbV0vkt
+O0Wceb09Ry1TAiAxNhOpLItdbAmh++0PGMW0CIwBQ+ELDMtTGFsgGcfO/wIhAK9c
+jjzrA0gvv+i/Ax6ExoqlT1hlw1z8lyULEwEbkhVi
+-----END RSA PRIVATE KEY-----
diff --git a/test_server.lua b/test_server.lua
@@ -1,5 +1,16 @@
 local backend = arg[1]
 local mode = arg[2] or 'rw'
+local option = arg[3]
+
+local config = {}
+if option then
+  if option == 'ssl' then
+    config.sslparams = require'test_ssl_config'.server
+  end
+end
+config.write_access = mode:find('w') ~= nil
+config.read_access = mode:find('r') ~= nil
+
 add = 
   function(a,b)
     return a+b
@@ -55,9 +66,5 @@ data = {
 
 local tango = require'tango'
 local server = tango.server[backend]
-
-server.loop{
-  write_access = mode:find('w') ~= nil,
-  read_access = mode:find('r') ~= nil
-}
+server.loop(config)
 
diff --git a/test_ssl_config.lua b/test_ssl_config.lua
@@ -0,0 +1,19 @@
+return {
+  client = {
+    mode = 'client',
+    protocol = 'tlsv1',
+    verify = 'none',
+    options = 'all',	
+    ciphers = 'ALL:!ADH:@STRENGTH'    
+  },
+  server = {
+    mode = 'server',
+    protocol = 'tlsv1',
+    options = {'all'},
+    verify = {'peer'},    
+    options = {'all'},
+    ciphers = 'ALL:!ADH:@STRENGTH',	
+    certificate = './test_server.cert',
+    key = './test_server.key'
+  }
+}