add alpn=passthrough test through python
bonifaido committed Apr 19, 2024
1 parent 2ed97fe commit 1177349
Showing 4 changed files with 63 additions and 0 deletions.
1 change: 1 addition & 0 deletions .gitignore
@@ -19,3 +19,4 @@ linux/
*.deb
*.rpm
test/tls-perf
*pyc
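--- a/test/camblet.py
+++ b/test/camblet.py
@@ -0,0 +1,15 @@
+import ctypes
+
+SOL_CAMBLET = 7891
+CAMBLET_HOSTNAME = 1
+CAMBLET_TLS_INFO = 2
+CAMBLET = b"camblet\0"
+
+CAMBLET_EINVALIDSPIFFEID = 1001
+
+class CambletTlsInfo(ctypes.Structure):
+_fields_ = [('camblet_enabled', ctypes.c_bool),
+('mtls_enabled', ctypes.c_bool),
+('spiffe_id', ctypes.c_char * 256),
+('peer_spiffe_id', ctypes.c_char * 256),
+('alpn', ctypes.c_char * 256)]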
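Review bot: Nothing in this file says which C definition `CambletTlsInfo` and the `SOL_CAMBLET` / `CAMBLET_*` numbers mirror, so a change to the kernel-side struct (field order, the 256-byte buffers) would make `from_buffer_copy` in test/passthrough.py misparse or raise with no obvious cause. I would add a comment above the class, for example `# Layout must match the struct the kernel module returns for CAMBLET_TLS_INFO; keep in sync with <path to C header>`. `CAMBLET_HOSTNAME` and `CAMBLET_EINVALIDSPIFFEID` are not used by the test added in this commit, so a one-line comment on what each is for would help the next reader.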
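--- a/test/passthrough.py
+++ b/test/passthrough.py
@@ -0,0 +1,41 @@
+import socket
+import ssl
+import camblet
+import ctypes
+import http.client as http
+
+hostname = 'localhost'
+port = 8010
+
+context = ssl.create_default_context()
+context.check_hostname = False
+context.verify_mode = ssl.CERT_NONE
+
+# Only available in Python 3.12+
+TCP_ULP = 31
+
+with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
+
+#print(sock.setsockopt(socket.SOL_TCP, TCP_ULP, camblet.CAMBLET))
+sock.connect((hostname, port))
+
+with context.wrap_socket(sock, server_hostname=hostname) as ssock:
+print(ssock.version())
+
+tls_info_data = ssock.getsockopt(camblet.SOL_CAMBLET, camblet.CAMBLET_TLS_INFO, ctypes.sizeof(camblet.CambletTlsInfo))
+tls_info = camblet.CambletTlsInfo.from_buffer_copy(tls_info_data)
+print(f"TLS Info camblet: {tls_info.camblet_enabled} ALPN: {tls_info.alpn} SPIFFE ID: {tls_info.spiffe_id} Peer SPIFFE ID: {tls_info.peer_spiffe_id}")
+
+assert tls_info.alpn == b'camblet/passthrough'
+
+# send some data
+request = "GET / HTTP/1.1\r\nHost:%s\r\n\r\n" % hostname
+ssock.send(request.encode())
+
+response = http.HTTPResponse(ssock)
+response.begin()
+print(response.status)
+print(response.headers)
+print(response.read().decode())
+response.close()
+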
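Review bot: The client context turns off both `check_hostname` and certificate verification (`ssl.CERT_NONE`) with no comment saying why, so the handshake in this test authenticates nothing and the pattern is easy to copy into non-test code. If the file server presents a self-signed certificate, I would either trust it explicitly with `context.load_verify_locations(cafile=...)` or add a comment such as `# test-only: peer identity is not checked here; the value under test is the ALPN reported by CAMBLET_TLS_INFO`. The pass/fail decision also rests on a bare `assert`, which is skipped under `python3 -O`; `if tls_info.alpn != b'camblet/passthrough': raise SystemExit(1)` keeps the check in every mode. `ssock.send()` may write only part of the request, so `ssock.sendall(request.encode())` is the safer call, and a `sock.settimeout(...)` before `connect` would keep a hung server from stalling the smoke run.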
6 changes: 6 additions & 0 deletions test/smoke.sh
@@ -11,6 +11,9 @@ echo "Starting file server"
echo "Starting file server with TLS"
./file-server -tls -port 8007 >/tmp/file-server-tls.log 2>&1 &

echo "Starting file server with TLS for passthrough"
./file-server -tls -port 8010 >/tmp/file-server-tls-passthrough.log 2>&1 &

echo "Starting NGiNX in docker"
sudo docker run -d --rm -p 8080:80 nginx

@@ -64,6 +67,9 @@ echo "Test sockopt on file-server with TLS"
gcc -o sockopt test/sockopt.c
./sockopt

echo "Test passthrough ALPN on file-server with TLS"
python3 test/passthrough.py

echo "Stop processes"
sudo pkill python3
sudo pkill file-server
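Review bot: Whether a failing `python3 test/passthrough.py` actually fails the smoke run depends on shell options set outside these hunks; if `set -e` is not in effect, the assertion error is only printed and the script goes on to "Stop processes" and may still exit 0. I would record the status explicitly, e.g. `python3 test/passthrough.py || failed=1`, and exit non-zero after the cleanup lines. The new server's log goes to a fixed name under `/tmp`, following the existing line for port 8007; on a shared build host a directory from `mktemp -d` would avoid writing through a pre-created path.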