Mirrors_Framework/mosquitto
1
0
Fork 0
mirror of https://github.com/eclipse-mosquitto/mosquitto.git synced 2026-02-06 02:52:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
27820a58c6a57fdff8ab3c8fb8f207fd30ff24f9
mosquitto/test/broker/21-proxy-v2-ssl-require-cert-failure.py
Roger A. Light 18fdad5578 Add PROXY v1 support
2024-08-18 21:45:22 +01:00

77 lines
2.3 KiB
Python
Executable File
Raw Blame History

#!/usr/bin/env python3
from mosq_test_helper import *
from proxy_helper import *
import json
import shutil
import socket
def write_config(filename, port):
with open(filename, 'w') as f:
f.write("log_type all\n")
f.write("listener %d\n" % (port))
f.write("allow_anonymous true\n")
f.write("enable_proxy_protocol 2\n")
f.write("require_certificate true\n")
def do_test(data):
port = mosq_test.get_port()
conf_file = os.path.basename(__file__).replace('.py', '.conf')
write_config(conf_file, port)
broker = mosq_test.start_broker(filename=os.path.basename(__file__), use_conf=True, port=port)
rc = 1
expect_log = "Connection from 192.0.2.5:6275 rejected, client did not provide a certificate."
try:
sock = do_proxy_v2_connect(port, PROXY_VER, PROXY_CMD_PROXY, PROXY_FAM_IPV4 | PROXY_PROTO_TCP, data)
try:
data = sock.recv(10)
if len(data) == 0:
rc = 0
except ConnectionResetError:
rc = 0
sock.close()
except mosq_test.TestError:
pass
finally:
os.remove(conf_file)
broker.terminate()
if mosq_test.wait_for_subprocess(broker):
print("broker not terminated")
if rc == 0: rc=1
(stdo, stde) = broker.communicate()
if rc != 0 or expect_log not in stde.decode('utf-8'):
print(stde.decode('utf-8'))
rc = 1
raise ValueError(rc)
# No SSL at all
data = b"\xC0\x00\x02\x05" + b"\x00\x00\x00\x00" + b"\x18\x83" + b"\x00\x00"
do_test(data)
# SSL but no certificate at all - this should fail
# IP, IP, port, port, SSL-tlv, length, client, verify, SSL-version sub-tlv, length, value
data = b"\xC0\x00\x02\x05" + b"\x00\x00\x00\x00" + b"\x18\x83" + b"\x00\x00" \
+ b"\x20" \
+ b"\x00\x0F" \
+ b"\x01" \
+ b"\x00\x00\x00\x01" \
+ b"\x21" \
+ b"\x00\x07" \
+ b"\x54\x4C\x53\x76\x31\x2E\x33"
do_test(data)
# SSL, verify 0 but no certificate presented this session
# IP, IP, port, port, SSL-tlv, length, client, verify, SSL-version sub-tlv, length, value
data = b"\xC0\x00\x02\x05" + b"\x00\x00\x00\x00" + b"\x18\x83" + b"\x00\x00" \
+ b"\x20" \
+ b"\x00\x0F" \
+ b"\x01" \
+ b"\x00\x00\x00\x00" \
+ b"\x21" \
+ b"\x00\x07" \
+ b"\x54\x4C\x53\x76\x31\x2E\x33"
do_test(data)
Reference in New Issue View Git Blame Copy Permalink