From c10ff1d2108212fe3813191235a16fb74be877bf Mon Sep 17 00:00:00 2001 From: Benjamin Sergeant Date: Sun, 5 Jan 2020 15:26:35 -0800 Subject: [PATCH] add reference ssl echo server using websockets and nginx reverse proxy to terminate ssl --- test/compatibility/python/websockets/Procfile | 3 ++ .../python/websockets/echo_server.py | 15 ++++---- .../websockets/echo_server_interactive.py | 28 +++++++++++++++ test/compatibility/python/websockets/makefile | 3 ++ .../python/websockets/nginx.conf | 36 +++++++++++++++++++ .../python/websockets/trusted-client-crt.pem | 19 ++++++++++ .../python/websockets/trusted-client-key.pem | 27 ++++++++++++++ 7 files changed, 122 insertions(+), 9 deletions(-) create mode 100644 test/compatibility/python/websockets/Procfile create mode 100644 test/compatibility/python/websockets/echo_server_interactive.py create mode 100644 test/compatibility/python/websockets/nginx.conf create mode 100644 test/compatibility/python/websockets/trusted-client-crt.pem create mode 100644 test/compatibility/python/websockets/trusted-client-key.pem diff --git a/test/compatibility/python/websockets/Procfile b/test/compatibility/python/websockets/Procfile new file mode 100644 index 00000000..53d7acd9 --- /dev/null +++ b/test/compatibility/python/websockets/Procfile @@ -0,0 +1,3 @@ +nginx: nginx -p . -c nginx.conf +websocket_server: python echo_server.py +send: sleep 1 ; ws send -x --verify_none wss://localhost:8765 /usr/local/bin/ws diff --git a/test/compatibility/python/websockets/echo_server.py b/test/compatibility/python/websockets/echo_server.py index f8916276..3ac8db9b 100644 --- a/test/compatibility/python/websockets/echo_server.py +++ b/test/compatibility/python/websockets/echo_server.py @@ -5,18 +5,15 @@ import asyncio import websockets -async def hello(websocket, path): - await websocket.send(f"> Welcome !") - name = await websocket.recv() - print(f"< {name}") +async def echo(websocket, path): + msg = await websocket.recv() + print(f'Received {len(msg)} bytes') + await websocket.send(msg) - greeting = f"Hello {name}!" - await websocket.send(greeting) - print(f"> {greeting}") - -start_server = websockets.serve(hello, 'localhost', 8765) +print('Serving on localhost:8766') +start_server = websockets.serve(echo, 'localhost', 8766, max_size=2 ** 25) asyncio.get_event_loop().run_until_complete(start_server) asyncio.get_event_loop().run_forever() diff --git a/test/compatibility/python/websockets/echo_server_interactive.py b/test/compatibility/python/websockets/echo_server_interactive.py new file mode 100644 index 00000000..78c9cfba --- /dev/null +++ b/test/compatibility/python/websockets/echo_server_interactive.py @@ -0,0 +1,28 @@ +#!/usr/bin/env python + +# WS server example + +import asyncio +import websockets + +async def hello(websocket, path): + await websocket.send(f"> Welcome !") + + name = await websocket.recv() + print(f"< {name}") + + greeting = f"Hello {name}!" + + await websocket.send(greeting) + print(f"> {greeting}") + +async def echo(websocket, path): + msg = await websocket.recv() + print(f'Received {len(msg)} bytes') + await websocket.send(msg) + +print('Serving on localhost:8766') +start_server = websockets.serve(echo, 'localhost', 8766) + +asyncio.get_event_loop().run_until_complete(start_server) +asyncio.get_event_loop().run_forever() diff --git a/test/compatibility/python/websockets/makefile b/test/compatibility/python/websockets/makefile index 018430ad..381c9bdc 100644 --- a/test/compatibility/python/websockets/makefile +++ b/test/compatibility/python/websockets/makefile @@ -1,3 +1,6 @@ +all: + honcho start # install honcho (pip install honcho) or procman (the original ruby script) + .PHONY: docker NAME := bsergean/ws_proxy diff --git a/test/compatibility/python/websockets/nginx.conf b/test/compatibility/python/websockets/nginx.conf new file mode 100644 index 00000000..36042846 --- /dev/null +++ b/test/compatibility/python/websockets/nginx.conf @@ -0,0 +1,36 @@ + +error_log stderr warn; + +daemon off; + +events { + worker_connections 32; +} + +http { + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + upstream websocket { + server localhost:8766; + } + + server { + listen 8765 ssl; + + ssl_certificate trusted-client-crt.pem; + ssl_certificate_key trusted-client-key.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers HIGH:!aNULL:!MD5; + + location / { + proxy_pass http://websocket; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } + } +} diff --git a/test/compatibility/python/websockets/trusted-client-crt.pem b/test/compatibility/python/websockets/trusted-client-crt.pem new file mode 100644 index 00000000..6b0a74b6 --- /dev/null +++ b/test/compatibility/python/websockets/trusted-client-crt.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDLDCCAhSgAwIBAgIJALyEpMxNH62gMA0GCSqGSIb3DQEBCwUAMEExFDASBgNV +BAoMC21hY2hpbmV6b25lMRQwEgYDVQQKDAtJWFdlYlNvY2tldDETMBEGA1UEAwwK +dHJ1c3RlZC1jYTAeFw0xOTEyMjQwMDM3MzVaFw0yMDEyMjMwMDM3MzVaMEUxFDAS +BgNVBAoMC21hY2hpbmV6b25lMRQwEgYDVQQKDAtJWFdlYlNvY2tldDEXMBUGA1UE +AwwOdHJ1c3RlZC1jbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDFCipQ6OIJX15n2okHxuSkviuzcHzoYEzPhF6QXzKFbKhuzp4g0mMOXPvDKQE+ ++dycGm6l1yg1pUuNKNxYjDWcSqOIqvDaOv9DkJCCNXpAGbh1CUmGdmp4HvwrzSIn ++3s/enC+zatcnwhrOyJk8k/9VqKlt+vB1++UAQV1eSX7adb/BemoyMguAQ8edAls +IiVSRrHRRyHy98j97jxX5lIdoC1FMv7Tj4suJA7wvTHlq3clpLL8t6dw1DAmBybK +ShUg9SC/T07WJ2cOo8wka+p7S/blh8qZwIy7kTgCI+SYgRfEOA94u9A9mDqp295h +DCghN2UdU3hh1k7SChI/owLpAgMBAAGjIzAhMB8GA1UdEQQYMBaCCWxvY2FsaG9z +dIIJMTI3LjAuMC4xMA0GCSqGSIb3DQEBCwUAA4IBAQAtsbBGLUxABNH5yoRbk0o3 +sGFMVkNDKkCE24BVkUfNyKUxLQWMknw3B4bmhrC8ZQPRk069ERV0ZR6eB2/9EG9s +Pzy4JbMwWrP5c0UIMJRk3w8ev9FXrsKwG6VhIPnvAdbJEis+7eDmYgpvmsbsYRmG +cqJcWvDKffki52Gbr9WgxLpqCGc2XMGr1Y1jU73Y4zmOeNLiU6HRKimNtGjqx/Tx +QoGVTNwki4TQTwQIyJ+HOj0c49IDJ93GbW5aymOT/e1IXDe07e9yg1r80bdFn23X +9bmRagT1/qu8lXfOpQA0foYeSJRSN7gITPmo7G2ogGVr6dZwhAHDYYy2pwW32j7o +-----END CERTIFICATE----- diff --git a/test/compatibility/python/websockets/trusted-client-key.pem b/test/compatibility/python/websockets/trusted-client-key.pem new file mode 100644 index 00000000..a14229d4 --- /dev/null +++ b/test/compatibility/python/websockets/trusted-client-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAxQoqUOjiCV9eZ9qJB8bkpL4rs3B86GBMz4RekF8yhWyobs6e +INJjDlz7wykBPvncnBpupdcoNaVLjSjcWIw1nEqjiKrw2jr/Q5CQgjV6QBm4dQlJ +hnZqeB78K80iJ/t7P3pwvs2rXJ8IazsiZPJP/VaipbfrwdfvlAEFdXkl+2nW/wXp +qMjILgEPHnQJbCIlUkax0Uch8vfI/e48V+ZSHaAtRTL+04+LLiQO8L0x5at3JaSy +/LencNQwJgcmykoVIPUgv09O1idnDqPMJGvqe0v25YfKmcCMu5E4AiPkmIEXxDgP +eLvQPZg6qdveYQwoITdlHVN4YdZO0goSP6MC6QIDAQABAoIBAGMCJ58+Vg5FmKdw +vThmLY/GaykgVfNiKFaB+g5rd3Rp0/zR3804SkP2Xx+CpDijzsG12nGEupSyOVN1 ++7qWwX2GV8QduSa/THMD2klDW+mHwxM0Fnj1WayATVApJIeYqyaLfMmziO7ijpVr +Qm4dACqZdOL2lwVxXtYs6TRNKtO4SIzmeVS39hmV2zeGmhUzI4hbirLOWBtbsPpl +qi5wyVkHoEVLnY376TOFc8u5+636yh6G2yqa/zsv9BBXG77DKWl659Fsd4DaUcRG +sk6CTH+I99aE0wrzSUuQmDR/IflxT+DP2ceNrCIc1h1oFzrBKh3fpFR3+D6SSGMn +r9Nk7LECgYEA/8CHrh2LLjqsLbqBoMUXthPwPrVGlK+KGb14+S8Pbfa2hDFWhoif +/FBWAD7GSXedjL3kxFSfmFxsDGPSyqqLRuZNaNs8Ar7vage6FYT6Vfh/8TYOToNr +8AHmhgQCg4luC8VGedCeEDVmUgkdJd/baoY8r3LKXaqsLxyBQN1Hzi0CgYEAxTsQ +jMFwACIdZHJKgUAdEA6PJM0HCS45F4116yqum99S4H10O1VdWK/vKeb13PK//25X +liXhjNHqcVLX08meqs561nKBWhbA72UU3oBAF4RNLHkbZMh1HtZGfBCfJ/Kmq12/ +ZmGCwggUHhwnKD02hIGdffc+0eLTeCQL8HKi+S0CgYEA59+MpAXRHDbByCviPvqy +hrgJBzGfLksAsFmihnluScp2q993jT3tnvrPHiXL7OvwAZxg/seicqbIp2sRwAFj +iQJgiILMI8kskzsyMTSBKtTEWtMhoXlxsQZoFHUqOkutZCqVvPexdwyTGil9LcuJ +yUivWHqAku+ccJItdbup0HkCgYEAswkZzdvucoCFU+AX19o+R4wfzpU7FM9bzhCA +gTgehqojzlqzfwTPlqkmHlBk0Oue9BzS7x5172HCQpqkBsGYAY8rnK0W1JOhEe8d +EZk0FOTpNTy+bC83egWiuA5Sm22+dALGswZDLyUsNeTyeqmOapxKPcWJxfb0ZbO7 +DsrRPAUCgYAzJm79VvEeRtwKhm0AcDSikJgNKojm6T6BIi/9QJyMTYlvGpBEwPBt +iqmqCqXGmUYafFApTUPyzmyDUsLfeHRwylvPn4UtYXPJ1UKGCVY3SWiJQi2CHSvC +gGSIifjzyeSjhw1cqzS2jHfu4lu6p2GBv/fyXLRVS7x6xY7OBinmvg== +-----END RSA PRIVATE KEY-----