From 5c8e69eb5e46af1c7f18490bdf7f8cee537e7443 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moise=CC=81s=20Guimara=CC=83es?= Date: Wed, 18 Jan 2017 17:59:48 -0200 Subject: [PATCH] updates vagrant configs; updates server example, updates copyright year. --- wrapper/python/wolfssl/.centos-provisioner.sh | 16 ++- wrapper/python/wolfssl/.gitignore | 3 - wrapper/python/wolfssl/.ubuntu-provisioner.sh | 10 +- wrapper/python/wolfssl/Makefile | 58 ++++++++ wrapper/python/wolfssl/Vagrantfile | 21 +-- wrapper/python/wolfssl/examples/server.py | 136 +++++++++++++++--- wrapper/python/wolfssl/setup.py | 2 +- .../python/wolfssl/src/wolfssl/__about__.py | 2 +- .../python/wolfssl/src/wolfssl/__init__.py | 2 +- wrapper/python/wolfssl/src/wolfssl/_memory.py | 2 +- .../python/wolfssl/src/wolfssl/_methods.py | 2 +- .../python/wolfssl/src/wolfssl/build_ffi.py | 2 +- .../python/wolfssl/src/wolfssl/exceptions.py | 2 +- wrapper/python/wolfssl/src/wolfssl/utils.py | 2 +- wrapper/python/wolfssl/test/conftest.py | 2 +- wrapper/python/wolfssl/test/test_client.py | 2 +- wrapper/python/wolfssl/test/test_context.py | 2 +- wrapper/python/wolfssl/test/test_methods.py | 2 +- wrapper/python/wolfssl/test/test_server.py | 64 --------- 19 files changed, 210 insertions(+), 122 deletions(-) create mode 100644 wrapper/python/wolfssl/Makefile delete mode 100644 wrapper/python/wolfssl/test/test_server.py diff --git a/wrapper/python/wolfssl/.centos-provisioner.sh b/wrapper/python/wolfssl/.centos-provisioner.sh index 8ce2cad66..84d6a0173 100644 --- a/wrapper/python/wolfssl/.centos-provisioner.sh +++ b/wrapper/python/wolfssl/.centos-provisioner.sh @@ -2,7 +2,8 @@ rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-6.noarch.rpm yum update -yum install -y git autoconf libtool +yum install -y \ + git autoconf libtool libffi-devel python-devel python3-devel python-pip git clone https://github.com/wolfssl/wolfssl.git [ $? -ne 0 ] && echo "\n\nCouldn't download wolfssl.\n\n" && exit 1 @@ -18,9 +19,16 @@ mv wolfssl.conf /etc/ld.so.conf ldconfig popd + rm -rf wolfssl -yum install -y libffi-devel python-devel python-pip +pushd /vagrant -pip install wolfssl -[ $? -ne 0 ] && echo "\n\nCouldn't install wolfssl.\n\n" && exit 1 +pip install -r requirements-testing.txt + +make check + +popd + +# pip install wolfssl +# [ $? -ne 0 ] && echo "\n\nCouldn't install wolfssl.\n\n" && exit 1 diff --git a/wrapper/python/wolfssl/.gitignore b/wrapper/python/wolfssl/.gitignore index 101697443..361059ad0 100644 --- a/wrapper/python/wolfssl/.gitignore +++ b/wrapper/python/wolfssl/.gitignore @@ -16,6 +16,3 @@ htmlcov/ # Sphinx documentation docs/_build/ - -# Virtual env -.env diff --git a/wrapper/python/wolfssl/.ubuntu-provisioner.sh b/wrapper/python/wolfssl/.ubuntu-provisioner.sh index 4b5b28a3d..075a93994 100644 --- a/wrapper/python/wolfssl/.ubuntu-provisioner.sh +++ b/wrapper/python/wolfssl/.ubuntu-provisioner.sh @@ -25,13 +25,9 @@ pushd /vagrant pip install -r requirements-testing.txt -rm src/wolfssl/*.pyc -rm -r src/wolfssl/*.egg-info/ -rm -r test/__pycache__/ - -tox -r -e py27,py34 -- -v +make check popd -#pip install wolfssl -#[ $? -ne 0 ] && echo -e "\n\nCouldn't install wolfssl.\n\n" && exit 1 +# pip install wolfssl +# [ $? -ne 0 ] && echo -e "\n\nCouldn't install wolfssl.\n\n" && exit 1 diff --git a/wrapper/python/wolfssl/Makefile b/wrapper/python/wolfssl/Makefile new file mode 100644 index 000000000..15e64349e --- /dev/null +++ b/wrapper/python/wolfssl/Makefile @@ -0,0 +1,58 @@ +# Makefile +# +# Copyright (C) 2006-2017 wolfSSL Inc. +# +# This file is part of wolfSSL. (formerly known as CyaSSL) +# +# wolfSSL is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# wolfSSL is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + +.PHONY : all clean clean-build clean-pyc clean-test install test upload + +# builds the module +all : + python ./setup.py build + +#builds and installs the module +install : all + python ./setup.py install + +## removes all build, test, coverage and Python artifacts +clean : clean-test clean-build clean-pyc + +## removes test and coverage artifacts +clean-test : + rm -rf .coverage .tox/ htmlcov/ + +## removes build artifacts +clean-build : + rm -rf build/ dist/ .eggs/ + find . -name '*.egg-info' -exec rm -rf {} + + find . -name '*.egg' -exec rm -v {} + + +## removes Python file artifacts +clean-pyc : + find src test -name '__pycache__' -exec rm -rf {} + + find src test -name '*.pyc' -exec rm -f {} + + find src test -name '*.pyo' -exec rm -f {} + + +# runs unit tests +check : test + +test : clean-pyc + tox + +# publishes module at pypi +upload : test + python ./setup.py sdist upload diff --git a/wrapper/python/wolfssl/Vagrantfile b/wrapper/python/wolfssl/Vagrantfile index e164331df..cd83995c6 100644 --- a/wrapper/python/wolfssl/Vagrantfile +++ b/wrapper/python/wolfssl/Vagrantfile @@ -1,14 +1,17 @@ # -*- mode: ruby -*- # vi: set ft=ruby : -BOX = "ubuntu" VAGRANTFILE_API_VERSION = "2" Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| - if BOX == "ubuntu" - config.vm.box = "ubuntu/trusty64" - config.vm.provision "shell", path: ".ubuntu-provisioner.sh" - else - config.vm.box = "moisesguimaraes/centos72-64" - config.vm.provision "shell", path: ".centos-provisioner.sh" - end -end + + config.vm.define "default" do |default| + default.vm.box = "ubuntu/trusty64" + default.vm.provision "shell", path: ".ubuntu-provisioner.sh" + end + + config.vm.define "centos", autostart: false do |centos| + centos.vm.box = "moisesguimaraes/centos72-64" + centos.vm.provision "shell", path: ".centos-provisioner.sh" + end + +end \ No newline at end of file diff --git a/wrapper/python/wolfssl/examples/server.py b/wrapper/python/wolfssl/examples/server.py index 428ee3056..6d4074716 100755 --- a/wrapper/python/wolfssl/examples/server.py +++ b/wrapper/python/wolfssl/examples/server.py @@ -4,7 +4,7 @@ # # server.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # @@ -26,6 +26,7 @@ import sys import socket +import argparse try: import wolfssl @@ -33,32 +34,121 @@ except ImportError: print("You must run 'python setup.py install' to use the examples") sys.exit() -bind_socket = socket.socket() -bind_socket.bind(('', 0)) -bind_socket.listen(5) +def build_arg_parser(): + parser = argparse.ArgumentParser(add_help=False) -print("Server listening on port", bind_socket.getsockname()[1]) + parser.add_argument( + "-?", "--help", action="help", + help="show this help message and exit" + ) -while True: - try: - secure_socket = None + parser.add_argument( + "-p", metavar="port", type=int, default=11111, + help="Port to listen on, not 0, default 11111" + ) - new_socket, from_addr = bind_socket.accept() + parser.add_argument( + "-v", metavar="version", type=int, choices=[0, 1, 2, 3], default=3, + help="SSL version [0-3], SSLv3(0) - TLS1.2(3)), default 3" + ) - secure_socket = wolfssl.wrap_socket( - new_socket, - server_side=True, - certfile="certs/server-cert.pem", - keyfile="certs/server-key.pem") + parser.add_argument( + "-l", metavar="ciphers", type=str, default="", + help="Cipher suite list (: delimited)" + ) - print(secure_socket.read()) - secure_socket.write(b"I hear you fa shizzle!") + parser.add_argument( + "-c", metavar="certificate", default="./certs/server-cert.pem", + help="Certificate file, default ./certs/server-cert.pem" + ) - except KeyboardInterrupt: - print() - break + parser.add_argument( + "-k", metavar="key", default="./certs/server-key.pem", + help="Key file, default ./certs/server-key.pem" + ) - finally: - if secure_socket: - secure_socket.shutdown(socket.SHUT_RDWR) - secure_socket.close() + parser.add_argument( + "-A", metavar="ca_file", default="./certs/client-cert.pem", + help="Certificate Authority file, default ./certs/client-cert.pem" + ) + + parser.add_argument( + "-d", action="store_true", + help="Disable client cert check" + ) + + parser.add_argument( + "-b", action="store_true", + help="Bind to any interface instead of localhost only" + ) + + parser.add_argument( + "-i", action="store_true", + help="Loop indefinitely (allow repeated connections)" + ) + + return parser + + +def get_method(index): + return ( + wolfssl.PROTOCOL_SSLv3, + wolfssl.PROTOCOL_TLSv1, + wolfssl.PROTOCOL_TLSv1_1, + wolfssl.PROTOCOL_TLSv1_2 + )[index] + + +def main(): + args = build_arg_parser().parse_args() + print(args) + + bind_socket = socket.socket() + bind_socket.bind(("" if args.b else "localhost", args.p)) + bind_socket.listen(5) + + print("Server listening on port", bind_socket.getsockname()[1]) + + context = wolfssl.SSLContext(get_method(args.v), server_side=True) + + context.load_cert_chain(args.c, args.k) + + if args.d: + context.verify_mode = wolfssl.CERT_NONE + else: + context.verify_mode = wolfssl.CERT_REQUIRED + context.load_verify_locations(args.A) + + if args.l: + context.set_ciphers(args.l) + + while True: + try: + secure_socket = None + + new_socket, from_addr = bind_socket.accept() + + secure_socket = context.wrap_socket(new_socket) + + print("Connection received from", from_addr) + + print("\n", secure_socket.read(), "\n") + secure_socket.write(b"I hear you fa shizzle!") + + except KeyboardInterrupt: + print() + break + + finally: + if secure_socket: + secure_socket.shutdown(socket.SHUT_RDWR) + secure_socket.close() + + if not args.i: + break + + bind_socket.close() + + +if __name__ == '__main__': + main() diff --git a/wrapper/python/wolfssl/setup.py b/wrapper/python/wolfssl/setup.py index a89cb2425..727fa9efb 100755 --- a/wrapper/python/wolfssl/setup.py +++ b/wrapper/python/wolfssl/setup.py @@ -3,7 +3,7 @@ # # setup.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/src/wolfssl/__about__.py b/wrapper/python/wolfssl/src/wolfssl/__about__.py index 6d4e219a6..b85588f63 100644 --- a/wrapper/python/wolfssl/src/wolfssl/__about__.py +++ b/wrapper/python/wolfssl/src/wolfssl/__about__.py @@ -2,7 +2,7 @@ # # __about__.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/src/wolfssl/__init__.py b/wrapper/python/wolfssl/src/wolfssl/__init__.py index 929674152..a7912d8bb 100644 --- a/wrapper/python/wolfssl/src/wolfssl/__init__.py +++ b/wrapper/python/wolfssl/src/wolfssl/__init__.py @@ -2,7 +2,7 @@ # # __init__.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/src/wolfssl/_memory.py b/wrapper/python/wolfssl/src/wolfssl/_memory.py index 94a641dd5..456f5ad36 100644 --- a/wrapper/python/wolfssl/src/wolfssl/_memory.py +++ b/wrapper/python/wolfssl/src/wolfssl/_memory.py @@ -2,7 +2,7 @@ # # _memory.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/src/wolfssl/_methods.py b/wrapper/python/wolfssl/src/wolfssl/_methods.py index 3fab97904..5c2b9794a 100644 --- a/wrapper/python/wolfssl/src/wolfssl/_methods.py +++ b/wrapper/python/wolfssl/src/wolfssl/_methods.py @@ -2,7 +2,7 @@ # # _methods.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/src/wolfssl/build_ffi.py b/wrapper/python/wolfssl/src/wolfssl/build_ffi.py index 62b26125b..7c912ea50 100644 --- a/wrapper/python/wolfssl/src/wolfssl/build_ffi.py +++ b/wrapper/python/wolfssl/src/wolfssl/build_ffi.py @@ -2,7 +2,7 @@ # # build_ffi.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/src/wolfssl/exceptions.py b/wrapper/python/wolfssl/src/wolfssl/exceptions.py index 7ff6dede3..4a925ed1a 100644 --- a/wrapper/python/wolfssl/src/wolfssl/exceptions.py +++ b/wrapper/python/wolfssl/src/wolfssl/exceptions.py @@ -2,7 +2,7 @@ # # exceptions.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/src/wolfssl/utils.py b/wrapper/python/wolfssl/src/wolfssl/utils.py index 31fd53b2c..84e003dcf 100644 --- a/wrapper/python/wolfssl/src/wolfssl/utils.py +++ b/wrapper/python/wolfssl/src/wolfssl/utils.py @@ -2,7 +2,7 @@ # # utils.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/test/conftest.py b/wrapper/python/wolfssl/test/conftest.py index c929bfa65..5bb1a023f 100644 --- a/wrapper/python/wolfssl/test/conftest.py +++ b/wrapper/python/wolfssl/test/conftest.py @@ -2,7 +2,7 @@ # # conftest.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/test/test_client.py b/wrapper/python/wolfssl/test/test_client.py index f9495c3b7..029e9c1f0 100644 --- a/wrapper/python/wolfssl/test/test_client.py +++ b/wrapper/python/wolfssl/test/test_client.py @@ -2,7 +2,7 @@ # # test_client.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/test/test_context.py b/wrapper/python/wolfssl/test/test_context.py index db9d6f18d..953f022c7 100644 --- a/wrapper/python/wolfssl/test/test_context.py +++ b/wrapper/python/wolfssl/test/test_context.py @@ -2,7 +2,7 @@ # # test_context.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/test/test_methods.py b/wrapper/python/wolfssl/test/test_methods.py index 70d068c9c..a5cbae30b 100644 --- a/wrapper/python/wolfssl/test/test_methods.py +++ b/wrapper/python/wolfssl/test/test_methods.py @@ -2,7 +2,7 @@ # # test_methods.py # -# Copyright (C) 2006-2016 wolfSSL Inc. +# Copyright (C) 2006-2017 wolfSSL Inc. # # This file is part of wolfSSL. (formerly known as CyaSSL) # diff --git a/wrapper/python/wolfssl/test/test_server.py b/wrapper/python/wolfssl/test/test_server.py deleted file mode 100644 index a48df765e..000000000 --- a/wrapper/python/wolfssl/test/test_server.py +++ /dev/null @@ -1,64 +0,0 @@ -# -*- coding: utf-8 -*- -# -# test_server.py -# -# Copyright (C) 2006-2016 wolfSSL Inc. -# -# This file is part of wolfSSL. (formerly known as CyaSSL) -# -# wolfSSL is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# wolfSSL is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - -# pylint: disable=missing-docstring, invalid-name, import-error - -import unittest -import socket -import ssl - -HOST = 'localhost' - -class SSLTest(unittest.TestCase): - provider = ssl - - def setUp(self): - # server setup - self.server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - self.server.bind((HOST, 0)) - self.port = self.server.getsockname()[1] - self.server.listen(1) - - # client setup - self.client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - - def tearDown(self): - self.server.close() - self.server = None - - self.client.close() - self.client = None - - def cleartext(self): - conn = self.server.accept()[0] - secure_server = self.provider.wrap_socket( - conn, server_side=True, - certfile="certs/server_cert.pem", - keyfile="certs/server_key.pem") - - self.client.send(b"server, can you hear me?") - self.assertEqual(b"server, can you hear me?", - secure_server.read(256)) - - conn.send(b"I hear you loud and clear, client.") - self.assertEqual(b"I hear you loud and clear, client.", - self.client.recv(256))