func (cmd *Command) sealKeyPairAction(c *cli.Context) error {
// Read the key and get a box
box, err := readBox(c.String("sealKey"))
if err != nil {
return err
}
// Read keyPairificate
stream, closer, err := getStream(c)
if err != nil {
return err
}
if closer != nil {
defer closer.Close()
}
keyPair, err := readKeyPair(c.String("cert"), c.String("privateKey"))
if err != nil {
return fmt.Errorf("failed to read key pair: %s", err)
}
bytes, err := secret.SealKeyPairToJSON(box, keyPair)
if err != nil {
return fmt.Errorf("failed to seal key pair: %s", err)
}
_, err = stream.Write(bytes)
if err != nil {
return fmt.Errorf("failed writing to output stream, error %s", err)
}
return nil
}
func (s *VESuite) TestHTTPSListenerCRUD(c *C) {
called := false
server := testutils.NewHandler(func(w http.ResponseWriter, r *http.Request) {
called = true
w.Write([]byte("Hi, I'm fine, thanks!"))
})
defer server.Close()
b, srv, url := "bk1", "srv1", server.URL
_, err := s.client.Set(s.path("backends", b, "backend"), `{"Type": "http"}`, 0)
c.Assert(err, IsNil)
_, err = s.client.Set(s.path("backends", b, "servers", srv), fmt.Sprintf(`{"URL": "%s"}`, url), 0)
c.Assert(err, IsNil)
// Add frontend
fId := "fr1"
_, err = s.client.Set(s.path("frontends", fId, "frontend"), `{"Type": "http", "BackendId": "bk1", "Route": "Path(\"/path\")"}`, 0)
c.Assert(err, IsNil)
keyPair := NewTestKeyPair()
bytes, err := secret.SealKeyPairToJSON(s.box, keyPair)
c.Assert(err, IsNil)
sealed := base64.StdEncoding.EncodeToString(bytes)
host := "localhost"
_, err = s.client.Set(s.path("hosts", host, "host"), fmt.Sprintf(`{"Name": "localhost", "Settings": {"KeyPair": "%v"}}`, sealed), 0)
c.Assert(err, IsNil)
// Add HTTPS listener
l2 := "ls2"
listener, err := engine.NewListener(l2, "https", "tcp", "localhost:32000", "", nil)
c.Assert(err, IsNil)
bytes, err = json.Marshal(listener)
c.Assert(err, IsNil)
s.client.Set(s.path("listeners", l2), string(bytes), 0)
time.Sleep(time.Second)
_, _, err = testutils.Get(fmt.Sprintf("%s%s", "https://localhost:32000", "/path"))
c.Assert(err, IsNil)
c.Assert(called, Equals, true)
_, err = s.client.Delete(s.path("listeners", l2), true)
c.Assert(err, IsNil)
time.Sleep(time.Second)
_, _, err = testutils.Get(fmt.Sprintf("%s%s", "https://localhost:32000", "/path"))
c.Assert(err, NotNil)
}
func (s *VESuite) TestLiveBinaryUpgrade(c *C) {
server := testutils.NewHandler(func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("Hello 1"))
})
defer server.Close()
b, srv, url := "bk1", "srv1", server.URL
_, err := s.client.Set(s.path("backends", b, "backend"), `{"Type": "http"}`, 0)
c.Assert(err, IsNil)
_, err = s.client.Set(s.path("backends", b, "servers", srv), fmt.Sprintf(`{"URL": "%s"}`, url), 0)
c.Assert(err, IsNil)
// Add frontend
fId := "fr1"
_, err = s.client.Set(s.path("frontends", fId, "frontend"), `{"Type": "http", "BackendId": "bk1", "Route": "Path(\"/path\")"}`, 0)
c.Assert(err, IsNil)
keyPair := NewTestKeyPair()
bytes, err := secret.SealKeyPairToJSON(s.box, keyPair)
c.Assert(err, IsNil)
sealed := base64.StdEncoding.EncodeToString(bytes)
host := "localhost"
_, err = s.client.Set(s.path("hosts", host, "host"), fmt.Sprintf(`{"Name": "localhost", "Settings": {"KeyPair": "%v"}}`, sealed), 0)
c.Assert(err, IsNil)
// Add HTTPS listener
l2 := "ls2"
listener, err := engine.NewListener(l2, "https", "tcp", "localhost:32000", "", nil)
c.Assert(err, IsNil)
bytes, err = json.Marshal(listener)
c.Assert(err, IsNil)
s.client.Set(s.path("listeners", l2), string(bytes), 0)
time.Sleep(time.Second)
_, body, err := testutils.Get(fmt.Sprintf("%s%s", "https://localhost:32000", "/path"))
c.Assert(err, IsNil)
c.Assert(string(body), Equals, "Hello 1")
pidS, err := exec.Command("pidof", "vulcand").Output()
c.Assert(err, IsNil)
// Find a running vulcand
pid, err := strconv.Atoi(strings.TrimSpace(string(pidS)))
c.Assert(err, IsNil)
vulcand, err := os.FindProcess(pid)
c.Assert(err, IsNil)
// Ask vulcand to fork a child
vulcand.Signal(syscall.SIGUSR2)
time.Sleep(time.Second)
// Ask parent process to stop
vulcand.Signal(syscall.SIGTERM)
// Make sure the child is running
pid2S, err := exec.Command("pidof", "vulcand").Output()
c.Assert(err, IsNil)
c.Assert(string(pid2S), Not(Equals), "")
c.Assert(string(pid2S), Not(Equals), string(pidS))
time.Sleep(time.Second)
// Make sure we are still running and responding
_, body, err = testutils.Get(fmt.Sprintf("%s%s", "https://localhost:32000", "/path"))
c.Assert(err, IsNil)
c.Assert(string(body), Equals, "Hello 1")
}