Esempio n. 1
0
func (cmd *Command) sealKeyPairAction(c *cli.Context) error {
	// Read the key and get a box
	box, err := readBox(c.String("sealKey"))
	if err != nil {
		return err
	}

	// Read keyPairificate
	stream, closer, err := getStream(c)
	if err != nil {
		return err
	}
	if closer != nil {
		defer closer.Close()
	}

	keyPair, err := readKeyPair(c.String("cert"), c.String("privateKey"))
	if err != nil {
		return fmt.Errorf("failed to read key pair: %s", err)
	}

	bytes, err := secret.SealKeyPairToJSON(box, keyPair)
	if err != nil {
		return fmt.Errorf("failed to seal key pair: %s", err)
	}

	_, err = stream.Write(bytes)
	if err != nil {
		return fmt.Errorf("failed writing to output stream, error %s", err)
	}
	return nil
}
Esempio n. 2
0
func (s *VESuite) TestHTTPSListenerCRUD(c *C) {
	called := false
	server := testutils.NewHandler(func(w http.ResponseWriter, r *http.Request) {
		called = true
		w.Write([]byte("Hi, I'm fine, thanks!"))
	})
	defer server.Close()

	b, srv, url := "bk1", "srv1", server.URL
	_, err := s.client.Set(s.path("backends", b, "backend"), `{"Type": "http"}`, 0)
	c.Assert(err, IsNil)

	_, err = s.client.Set(s.path("backends", b, "servers", srv), fmt.Sprintf(`{"URL": "%s"}`, url), 0)
	c.Assert(err, IsNil)

	// Add frontend
	fId := "fr1"
	_, err = s.client.Set(s.path("frontends", fId, "frontend"), `{"Type": "http", "BackendId": "bk1", "Route": "Path(\"/path\")"}`, 0)
	c.Assert(err, IsNil)

	keyPair := NewTestKeyPair()

	bytes, err := secret.SealKeyPairToJSON(s.box, keyPair)
	c.Assert(err, IsNil)
	sealed := base64.StdEncoding.EncodeToString(bytes)
	host := "localhost"

	_, err = s.client.Set(s.path("hosts", host, "host"), fmt.Sprintf(`{"Name": "localhost", "Settings": {"KeyPair": "%v"}}`, sealed), 0)
	c.Assert(err, IsNil)

	// Add HTTPS listener
	l2 := "ls2"
	listener, err := engine.NewListener(l2, "https", "tcp", "localhost:32000", "", nil)
	c.Assert(err, IsNil)
	bytes, err = json.Marshal(listener)
	c.Assert(err, IsNil)
	s.client.Set(s.path("listeners", l2), string(bytes), 0)

	time.Sleep(time.Second)
	_, _, err = testutils.Get(fmt.Sprintf("%s%s", "https://localhost:32000", "/path"))
	c.Assert(err, IsNil)
	c.Assert(called, Equals, true)

	_, err = s.client.Delete(s.path("listeners", l2), true)
	c.Assert(err, IsNil)

	time.Sleep(time.Second)

	_, _, err = testutils.Get(fmt.Sprintf("%s%s", "https://localhost:32000", "/path"))
	c.Assert(err, NotNil)
}
Esempio n. 3
0
func (s *VESuite) TestLiveBinaryUpgrade(c *C) {
	server := testutils.NewHandler(func(w http.ResponseWriter, r *http.Request) {
		w.Write([]byte("Hello 1"))
	})
	defer server.Close()

	b, srv, url := "bk1", "srv1", server.URL
	_, err := s.client.Set(s.path("backends", b, "backend"), `{"Type": "http"}`, 0)
	c.Assert(err, IsNil)

	_, err = s.client.Set(s.path("backends", b, "servers", srv), fmt.Sprintf(`{"URL": "%s"}`, url), 0)
	c.Assert(err, IsNil)

	// Add frontend
	fId := "fr1"
	_, err = s.client.Set(s.path("frontends", fId, "frontend"), `{"Type": "http", "BackendId": "bk1", "Route": "Path(\"/path\")"}`, 0)
	c.Assert(err, IsNil)

	keyPair := NewTestKeyPair()

	bytes, err := secret.SealKeyPairToJSON(s.box, keyPair)
	c.Assert(err, IsNil)
	sealed := base64.StdEncoding.EncodeToString(bytes)
	host := "localhost"

	_, err = s.client.Set(s.path("hosts", host, "host"), fmt.Sprintf(`{"Name": "localhost", "Settings": {"KeyPair": "%v"}}`, sealed), 0)
	c.Assert(err, IsNil)

	// Add HTTPS listener
	l2 := "ls2"
	listener, err := engine.NewListener(l2, "https", "tcp", "localhost:32000", "", nil)
	c.Assert(err, IsNil)
	bytes, err = json.Marshal(listener)
	c.Assert(err, IsNil)
	s.client.Set(s.path("listeners", l2), string(bytes), 0)

	time.Sleep(time.Second)
	_, body, err := testutils.Get(fmt.Sprintf("%s%s", "https://localhost:32000", "/path"))
	c.Assert(err, IsNil)
	c.Assert(string(body), Equals, "Hello 1")

	pidS, err := exec.Command("pidof", "vulcand").Output()
	c.Assert(err, IsNil)

	// Find a running vulcand
	pid, err := strconv.Atoi(strings.TrimSpace(string(pidS)))
	c.Assert(err, IsNil)

	vulcand, err := os.FindProcess(pid)
	c.Assert(err, IsNil)

	// Ask vulcand to fork a child
	vulcand.Signal(syscall.SIGUSR2)
	time.Sleep(time.Second)

	// Ask parent process to stop
	vulcand.Signal(syscall.SIGTERM)

	// Make sure the child is running
	pid2S, err := exec.Command("pidof", "vulcand").Output()
	c.Assert(err, IsNil)
	c.Assert(string(pid2S), Not(Equals), "")
	c.Assert(string(pid2S), Not(Equals), string(pidS))

	time.Sleep(time.Second)

	// Make sure we are still running and responding
	_, body, err = testutils.Get(fmt.Sprintf("%s%s", "https://localhost:32000", "/path"))
	c.Assert(err, IsNil)
	c.Assert(string(body), Equals, "Hello 1")
}