def test_good_cert(self):
"""Check that I'm allowed in with a valid certificate"""
client_cn = "myserver"
# FIXME: move these filenames out into settings.py (duplicated here from Crypto())
authority_key = "authority.pem"
authority_cert = "authority.crt"
cert, key = self._client_credentials(client_cn, authority_key, authority_cert)
rc, stdout, stderr = self._openssl(['x509', '-in', cert, '-serial', '-noout'])
client_cert_serial = stdout.strip().split("=")[1]
url = "https://localhost:%s/agent/message/" % settings.HTTPS_FRONTEND_PORT
with HttpListener(settings.HTTP_AGENT_PORT) as listener:
response = requests.post(url, data=' ' * 16 * 1024, verify=False, cert=(cert, key))
self.assertEqual(response.status_code, 200)
response = requests.post(url, data=' ' * 16 * 1024 ** 2, verify=False, cert=(cert, key))
self.assertEqual(response.status_code, 413)
response = requests.get(url, verify=False, cert=(cert, key))
# My request succeeded
self.assertEqual(response.status_code, 200)
# A request was forwarded
self.assertEqual(len(listener.requests), 2)
self.assertEqual(listener.last_request.path, "/agent/message/")
# The client name header was set
self.assertEqual(listener.last_request.headers.getheader('X-SSL-Client-On'), "SUCCESS")
self.assertEqual(listener.last_request.headers.getheader('X-SSL-Client-Name'), client_cn)
self.assertEqual(listener.last_request.headers.getheader('X-SSL-Client-Serial'), client_cert_serial)
url = "https://localhost:%s/agent/reregister/" % settings.HTTPS_FRONTEND_PORT
response = requests.post(url, verify=False, cert=(cert, key))
self.assertEqual(response.status_code, 200)
评论列表
文章目录
