Esempio n. 1
0
func initializeBBSClient(logger lager.Logger) bbs.Client {
	bbsURL, err := url.Parse(*bbsAddress)
	if err != nil {
		logger.Fatal("Invalid BBS URL", err)
	}

	if bbsURL.Scheme != "https" {
		return bbs.NewClient(*bbsAddress)
	}

	bbsClient, err := bbs.NewSecureClient(*bbsAddress, *bbsCACert, *bbsClientCert, *bbsClientKey, *bbsClientSessionCacheSize, *bbsMaxIdleConnsPerHost)
	if err != nil {
		logger.Fatal("Failed to configure secure BBS client", err)
	}
	return bbsClient
}
Esempio n. 2
0
			bbsArgs.EtcdClientSessionCacheSize = 64
			bbsArgs.EtcdMaxIdleConnsPerHost = 2

			bbsURL.Scheme = "https"

			bbsArgs.RequireSSL = true
			bbsArgs.CAFile = path.Join(basePath, "green-certs", "server-ca.crt")
			bbsArgs.CertFile = path.Join(basePath, "green-certs", "server.crt")
			bbsArgs.KeyFile = path.Join(basePath, "green-certs", "server.key")

			caFile := path.Join(basePath, "green-certs", "server-ca.crt")
			certFile := path.Join(basePath, "green-certs", "client.crt")
			keyFile := path.Join(basePath, "green-certs", "client.key")

			var err error
			client, err = bbs.NewSecureClient(bbsURL.String(), caFile, certFile, keyFile, 64, 2)
			Expect(err).NotTo(HaveOccurred())
		})

		runMeasurements()
	})

	Context("when NOT configuring mutual SSL", func() {
		BeforeEach(func() {
			etcdSSLConfig = nil
			bbsURL.Scheme = "http"
			bbsArgs.RequireSSL = false
			client = bbs.NewClient(bbsURL.String())
		})

		runMeasurements()
Esempio n. 3
0
		bbsProcess = ginkgomon.Invoke(bbsRunner)
	})

	Context("when configuring mutual SSL", func() {
		BeforeEach(func() {
			bbsArgs.RequireSSL = true
			bbsArgs.CAFile = path.Join(basePath, "green-certs", "server-ca.crt")
			bbsArgs.CertFile = path.Join(basePath, "green-certs", "server.crt")
			bbsArgs.KeyFile = path.Join(basePath, "green-certs", "server.key")
		})

		It("succeeds for a client configured with the right certificate", func() {
			caFile := path.Join(basePath, "green-certs", "server-ca.crt")
			certFile := path.Join(basePath, "green-certs", "client.crt")
			keyFile := path.Join(basePath, "green-certs", "client.key")
			client, err = bbs.NewSecureClient(bbsURL.String(), caFile, certFile, keyFile, 0, 0)
			Expect(err).NotTo(HaveOccurred())
			Expect(client.Ping(logger)).To(BeTrue())
		})

		It("fails for a client with no SSL", func() {
			client = bbs.NewClient(bbsURL.String())
			Expect(client.Ping(logger)).To(BeFalse())
		})

		It("fails for a client configured with the wrong certificates", func() {
			caFile := path.Join(basePath, "green-certs", "server-ca.crt")
			certFile := path.Join(basePath, "blue-certs", "client.crt")
			keyFile := path.Join(basePath, "blue-certs", "client.key")
			client, err = bbs.NewSecureClient(bbsURL.String(), caFile, certFile, keyFile, 0, 0)
			Expect(err).NotTo(HaveOccurred())