Beispiel #1
0
func startKontrol(pem, pub string, port int) (*Kontrol, *Config) {
	conf := config.New()
	conf.Username = "******"
	conf.KontrolURL = fmt.Sprintf("http://localhost:%d/kite", port)
	conf.KontrolKey = pub
	conf.KontrolUser = "******"
	conf.KiteKey = testutil.NewToken("testuser", pem, pub).Raw
	conf.ReadEnvironmentVariables()

	DefaultPort = port
	kon := New(conf.Copy(), "1.0.0")
	// kon.Kite.SetLogLevel(kite.DEBUG)

	switch os.Getenv("KONTROL_STORAGE") {
	case "etcd":
		kon.SetStorage(NewEtcd(nil, kon.Kite.Log))
	case "postgres":
		p := NewPostgres(nil, kon.Kite.Log)
		kon.SetStorage(p)
		kon.SetKeyPairStorage(p)
	default:
		kon.SetStorage(NewEtcd(nil, kon.Kite.Log))
	}

	kon.AddKeyPair("", pub, pem)

	go kon.Run()
	<-kon.Kite.ServerReadyNotify()

	return kon, &Config{
		Config:  conf,
		Private: pem,
		Public:  pub,
	}
}
Beispiel #2
0
func TestRegisterDenyEvil(t *testing.T) {
	// TODO(rjeczalik): use sentinel error value instead
	const authErr = "no valid authentication key found"

	legit, err := NewHelloKite("testuser", conf)
	if err != nil {
		t.Fatal(err)
	}

	if _, err = legit.Kite.GetToken(legit.Kite.Kite()); err != nil {
		t.Fatal(err)
	}

	evil := kite.New("testuser", "1.0.0")
	evil.Config = conf.Config.Copy()
	evil.Config.Port = 6767
	evil.Config.Username = "******"
	evil.Config.KontrolUser = "******"
	evil.Config.KontrolURL = conf.Config.KontrolURL
	evil.Config.KiteKey = testutil.NewToken("testuser", testkeys.PrivateEvil, testkeys.PublicEvil).Raw
	// KontrolKey can be easily extracted from existing kite.key
	evil.Config.KontrolKey = testkeys.Public
	evil.Config.ReadEnvironmentVariables()

	evilURL := &url.URL{
		Scheme: "http",
		Host:   "127.0.0.1:6767",
		Path:   "/kite",
	}

	_, err = evil.Register(evilURL)
	if err == nil {
		t.Errorf("expected kontrol to deny register request: %s", evil.Kite())
	} else {
		t.Logf("register denied: %s", err)
	}

	_, err = evil.GetToken(legit.Kite.Kite())
	if err == nil {
		t.Errorf("expected kontrol to deny token request: %s", evil.Kite())
	} else {
		t.Logf("token denied: %s", err)
	}

	_, err = evil.TellKontrolWithTimeout("registerMachine", 4*time.Second, map[string]interface{}{})
	if err == nil {
		t.Fatal("expected registerMachine to fail")
	}
	if !strings.Contains(err.Error(), authErr) {
		t.Fatalf("got %q, want %q error", err, authErr)
	}
}
Beispiel #3
0
func NewHelloKite(name string, conf *Config) (*HelloKite, error) {
	k := kite.New(name, "1.0.0")
	k.Config = conf.Config.Copy()
	k.Config.Port = 0
	k.Config.KiteKey = testutil.NewToken(name, conf.Private, conf.Public).Raw
	// k.SetLogLevel(kite.DEBUG)

	k.HandleFunc("hello", func(r *kite.Request) (interface{}, error) {
		return fmt.Sprintf("%s says hello", name), nil
	})

	go k.Run()
	<-k.ServerReadyNotify()

	u := &url.URL{
		Scheme: "http",
		Host:   fmt.Sprintf("127.0.0.1:%d", k.Port()),
		Path:   "/kite",
	}

	hk := &HelloKite{
		Kite:    k,
		URL:     u,
		clients: make(map[string]*kite.Client),
		regs:    make(chan *protocol.RegisterResult, 16),
		toks:    make(chan struct{}, 16),
		renew:   make(chan struct{}, 16),
	}

	hk.Kite.OnRegister(hk.onRegister)

	if err := conf.Register(hk); err != nil {
		return nil, err
	}

	return hk, nil
}